Categories
Security

Poor communication can cost you $52,140.60

Over the weekend, I received several cryptic e-mails from my CFO, Mark Harris, asking if I had approved the wire template for “the wire I had requested.” We were in the process of making a few wire transfers on Monday but I had already approved those and communicated that to him. He repeated the question a few times, but I still didn’t think anything of it. He asked me again in person this morning. That’s when I started to dig in.

Here’s the first e-mail Mark had received:

First Suspicious Email

The attachment in that e-mail was an invoice for $52,140.60:

Suspicious Invoice

The suspicious sender of the e-mail [email protected] should have thrown Mark off immediately. But I send e-mails like this to Mark all the time, understandably he’d read the e-mail, load up the wire, and we’d be on our merry way.

And that’s what he did. The invoice looked like any other invoice we’d process from our vendors. Mark loaded the wire template into our banking system and luckily his instinct kicked in and he flagged it for me before I blindly approved it. Here are some other e-mails the scammer tried to pressure Mark with.

Second Suspicious Email

Third Suspicious Email

As you can see, I’m becoming quite persistent and at any point Mark could have gone in and overridden the banking platform to process the wire and rewarded the scammer. Several months ago though, Mark and I agreed that we would adhere to a specific process: he loads the wires and I approve, or vice versa. Maintaining that process and communicating is what kept the money safe.

It’s crucial to work out these types of processes, especially on the executive level. Money wiring scams like this are becoming prominent, and you never know how or when you will be attacked. Letting your guard down just one time can put you in a very costly situation. Personally, I will keep a better eye out on the approvals that I am making and I encourage you to do the same, however it may apply to your business or personal life.

By Marcin Kleczynski

CEO of Malwarebytes, click About Me at the top of the page to learn more!

5 replies on “Poor communication can cost you $52,140.60”

Our CFO got hit with one of these attempts recently as well. Luckily it was easily caught with a verbal confirmation. The perpetrators are getting more bold and more skilled. Wouldn’t be surprised if they are quietly stealing a fortune.

Leave a Reply