Who
A local technologically literate business dealing in the agricultural sector. They had invested in their IT infrastructure, ensuring Windows patches were applied, regularly testing on backups, up to date anti-virus software and an enterprise grade firewall.
What
Phishing e-mails were sent to multiple users within the business, these e-mails appeared to be alert e-mails regarding an issue with Office 365. The login page was a fake page setup to encourage users to enter their e-mail addresses and password.
Once the users entered their password into the website the attackers kept details of the password for later use.
How
With the user passwords the hackers were able to login to the business e-mail system and send e-mails as the exploited users. The theft occurred on a Thursday and was not detected until the following Monday.
Impact
The hackers used their access to send e-mails to several staff requesting the transfer of $200,000 USD to a foreign bank account. The request was duly authorised by two signatories and the money paid that day. Although a request was made to the bank, the money had since been forwarded on to other bank accounts and was not recoverable.
Analysis
The business was the of victim of E-Mail Phishing and Social Engineering attack, these attacks are low risk and high reward. The e-mails sent internally portrayed a sense of urgency, causing staff to bypass normal safety steps. Several key staff members were away from the office that day, this meant that usual safety steps were not followed.
The case was investigated by New Zealand Police; due to the attack occurring on foreign soil and the money transferred overseas the likelihood of identifying the perpetrator is slim