Social-Engineering-Hero-Image.jpg

Email Phishing and Social Engineering

Local Security Case Study

Who

A local technologically literate business dealing in the agricultural sector. They had invested in their IT infrastructure, ensuring Windows patches were applied, regularly testing on backups, up to date anti-virus software and an enterprise grade firewall.

What

Phishing e-mails were sent to multiple users within the business, these e-mails appeared to be alert e-mails regarding an issue with Office 365. The login page was a fake page setup to encourage users to enter their e-mail addresses and password.

office365.jpg

Once the users entered their password into the website the attackers kept details of the password for later use.

sign-in.jpg

How

With the user passwords the hackers were able to login to the business e-mail system and send e-mails as the exploited users. The theft occurred on a Thursday and was not detected until the following Monday.

Impact

The hackers used their access to send e-mails to several staff requesting the transfer of $200,000 USD to a foreign bank account. The request was duly authorised by two signatories and the money paid that day. Although a request was made to the bank, the money had since been forwarded on to other bank accounts and was not recoverable.

Phishing Highlight

Analysis

The business was the of victim of E-Mail Phishing and Social Engineering attack, these attacks are low risk and high reward. The e-mails sent internally portrayed a sense of urgency, causing staff to bypass normal safety steps. Several key staff members were away from the office that day, this meant that usual safety steps were not followed.

The case was investigated by New Zealand Police; due to the attack occurring on foreign soil and the money transferred overseas the likelihood of identifying the perpetrator is slim