There are many different types of scams and methods that cyber criminals will use in attempts to steal money from victims. There are online dating scams, tech support scams, Craigslist scams, and a multitude of others. The ways that criminals use have continued to evolve as more people realize which ones are scams, but there are also methods that have stuck around for many years because they continue to be successful. One of these would be phishing attacks, as they can be continually changed, and yet are still quite easy for attackers to employ. A successful way of using phishing attacks that have become much more prominent is criminals hijacking the email of a reputable company and using it to mask their ploy. In a recent case of this, a hacker disguising themselves as a title company was able to purloin $1.5 million from a D.C. couple that was attempting to buy a home.
The Method of Attack
The title company involved in this incident was called Federal Title and Escrow Company, and the couple had been working with them to purchase a home in Cleveland Park. The company had initially sent an email to the couple with instructions for wiring over a deposit for the home, which had gone through just fine. But, the couple had then received a second email appearing to be from the same employee which had instructed them to wire the remaining amount to a separate account, to which the couple had obliged. Then, when the couple took a trip to the company’s office for final paperwork, Federal Title had informed them that the remaining funds had never made it to escrow and no one had known about the money being sent. At this point, it was discovered that a hacker had commandeered the email and used the identity to get the couple to wire money to their own account. And even more unfortunate, the company then informed them that the only way to proceed with the transaction was to come up with an additional $1.57 million. With this essentially being their only option, the couple had then wired the amount again, this time to the correct account.
The FBI was immediately contacted in regard to the incident, and Federal Title has been working with them in an ongoing investigation. The company said that no other customers had been affected by the hacking. Hoping to recoup their losses and additional damages, the couple has filed a lawsuit against Federal Title accusing them of negligence in their cyber security, which allowed the scam to occur.
Putting Anti Phishing Solutions in Place
Phishing attacks are one of the most common cyber attacks that we continue to see. This is largely because they are generally quite simple for cyber attackers to formulate, and they continue to be hugely successful. A majority of cyber attacks still rely on human error to be successful, and phishing is one of them. They cannot do anything unless an undereducated individual falls for the scam or clicks on their malicious links or attachments. This is why organizations must have anti phishing solutions in place to defend from these attacks, which could include comprehensive employee education, adequate cyber security, cyber monitoring services, and resources to trace any successful attack. Of course, the ideal situation is to completely prevent these types of attacks, but an organization must also be able to take rapid action in the event of a successful attack. This is where Massive Alliance can help, as our anti phishing solutions encompass both sides and can provide assistance to organizations to stay properly protected from cyber attacks.