Hackers stole as many as $1.3 million by simple email phishing attacks on the officials of the companies. A security research company, Check Point Research shows the details of how the hackers were able to steal the amount from these three companies via an Email Phishing attack.
The team behind the heist is called “Florentine Banker”. They planned to do a man in the middle attack for a Wire transfer to steal the money. They targetted three UK private equity companies.
At first, they got access to the email accounts of companies’ high profile officials including CEOs and CFOs. The hackers managed to grab the details of these officials using an Email Phishing attack.
Soon after the hackers got access to the email accounts of officials, they kept monitoring all the sent and received emails. As per the report they waited for weeks and months to make use of the perfect opportunity. Following this, the hackers created a mailbox rule that diverts email relevant to the hackers and creates a man in the middle attack.
The next step taken by the thieves was to create a domain that visually looks like the official domain. They might have used some similar kinds of characters like the companies domain and registered the same. Earlier the hackers had diverted required messages via ‘man in the middle’ attack. Now they make use of it to create new conversations or continue existing conversations
Now the hackers would ask for the money posing as a legit company making a real investment. Hackers were able to bag the money by intercepting accredited wire transfer or by creating new ones.
This is how easily hackers managed to steal million-dollar money easily via simple phishing attacks. The cybersecurity teams of big companies like this should work even better to notice these kinds of attacks.
Anyways, the company was only able to recover half of the stolen amount.