Scammers and cyber criminals attacked kid’s charity – Save the Children Federation, a well-known U.S. charity, into sending them approximately one million dollars.
The attacker managed to access an employee’s email account and from there sent fake invoices and other documents designed to trick the organization into sending the money. Whatever online website scanners or malware detection scanners they had, it obviously didn’t work.
According to the security researchers, the hacker pretended the money was needed to pay for health center solar panels in Pakistan. It was a well-researched ruse given the charity has had a base there for decades. A possible identity theft prior to the incident was done to acquire information ahead of the attack.
By the time it was realized the transfer was a scam, the money had already been deposited in a Japanese bank account, although the non-profit managed to recover all but $112,000 thanks to its insurance policy.
The charity said it has improved its security processes since. It was hit a second time by an email scam after a vendor’s email account was hacked and an impersonator requested the charity send money to a new bank account in Africa. Fortunately, the $9210 payment was reportedly recovered in time.
Save the Children Federation suffered what’s known as a business email compromise (BEC) scam. In this type of ruse, a digital attacker seizes control of a business email. They subsequently leverage that access for secondary attacks. In some cases, they issue fraudulent wire transfer requests, but in other instances, they request personally identifiable information (PII) or W-2 forms for employees.
According to the FBI’s Internet Crime Complaint Center (IC3), organizations filed 78,617 reports of BEC incidents in the United States and abroad between October 2013 and May 2018. These attacks cost victims a collective total of $12.5 billion and leveraged various techniques, including gift card fraud.
After discovering the incident in 2017, Save the Children Federation strengthened its computer systems and adopted several security measures designed to prevent BEC scams. It began enforcing a policy where an employee must verify new vendors and bank account instructions via phone, for instance.
Stacy Brandom, chief financial officer of Save the Children Federation, says that these and other changes will help protect the charity going forward. As mentioned in her statement – We have improved our security measures to help ensure this does not happen again. Fortunately, through insurance, we were ultimately reimbursed for most of the funds.
Well, hopefully those improved security measures includes the best malware detection and prevention systems. Anti-phishing measures and email scanners obviously didn’t work well the first time but given the development of recent events, this company will be well-prepared moving forward.