BEC_InfoSec  - BEC InfoSec - Criminals Make Off With USD 150,000 in Business Email Compromise Real Estate ScamScammers stole $150,000 from a woman during a real estate transaction last year, according to Lisa Vaas at Naked Security. Mireille Appert, a Swiss woman who lives in the United States, inherited her uncle’s house in Australia when he passed away in 2014.

In 2018, Appert decided to sell the house and got in touch with an Australian law firm, KF Solicitors, on July 1st. On July 18th, she received an email that read, “The sellers [sic] authority just needs to be emailed back to us and not posted.” She emailed her bank details to the company in a PDF.

Over the next month, Appert and her son worked with KF Solicitors to have the money transferred to Appert’s account. However, the money kept bouncing back. On August 10th, Appert received an email supposedly confirming the wire transfer with the wrong bank account number.

KF Solicitors said they never sent this confirmation, and that they had already transferred the money to an account owned by a company called Kristal Contractors LLC. Appert contacted US law enforcement on August 11th, and on August 14th, Appert’s bank confirmed that the attackers had stolen her money on August 6th. KF Solicitors tried to freeze the transfer, but it was too late.

“There aren’t a lot of details about this case beyond what Appert relates,” writes Vaas. “But more than anything, it sounds like business email compromise (BEC): a crime that’s a bit like phishing but without the fake website. Fraudsters contact , generally at small companies, often through spoofed email addresses but also by , and then impersonate trustworthy business contacts, be they suppliers or customers. In this case, the ‘corporate account’ with Kristal Contractors LLC was likely the purportedly trustworthy business party.”

BEC scams are increasingly popular among criminals, and organizations need to ensure that they’ve implemented proper authentication protocols for money transfers. New-school security awareness training can also help employees be on the lookout for this type of behavior and prevent social engineering tricks.

Naked Security has the story: https://nakedsecurity.sophos.com/2019/01/17/email-crooks-swindle-woman-out-of-150k-from-home-sale/


Find out how affordable new-school security awareness training is for your organization. Get a quote now.

 

Get A Quote  - a8252926 7187 4c02 9dd4 933c17d712b1 - Criminals Make Off With USD 150,000 in Business Email Compromise Real Estate Scam
Request A Demo  - 2af0f76d 67ca 4454 9896 5cb1da9b1f50 - Criminals Make Off With USD 150,000 in Business Email Compromise Real Estate Scam

 



Source link
Based Blockchain Network

No tags for this post.

LEAVE A REPLY

Please enter your comment!
Please enter your name here