The City of Ocala in Florida is the last victim in order of time of a profitable business email compromise scam (BEC) attack, fraudsters redirected over $742,000 to a bank account under their control.
Attackers’ emails posed as an employee of a construction company, Ausley Construction, that is providing its services to the city for the building of a new terminal at the Ocala International Airport.
The BEC attack took place in September, when fraudsters sent an email to a city senior accounting specialist informing him to send future payments to a new bank account.
Clearly, the attackers had a deep knowledge of the targeted organization and such kind of attack implies a long preparation during which fraudsters collect as much information possible related to the victims.
Impersonating vendors or clients is the latest trend observed in BEC scams, and requires a lot of preparation to create a message the victim will take for genuine. This phase involves social engineering techniques, OSING, and also malware.
“In the case of Ocala, the criminals gave the city employee a routing number and a bank account number along with a copy of a voided check.” reported BleepingComputer.
Fraudsters used a messages sent from a fake address of the company, “ausleyconstructions.com” instead of the legitimate ” ausleyconstruction.com/ ” domain.
On October 22, Ausley Construction sent a payment reminder to the Ocala city because an invoice submitted five days earlier had not been paid, then the officers at the city discovered that the money was transferred to crooks’ banking account. In August, the city of Naples, Florida, was a victim of a BEC attack and fraudsters redirected around $700,000 into their account.
In September, Toyota Boshoku Corporation announced that one of its European subsidiaries lost more than $37 million due to a business email compromise (BEC) attack.
[adrotate banner=”9″] | [adrotate banner=”12″] |
(SecurityAffairs – BEC, Ocala City)
[adrotate banner=”5″]
[adrotate banner=”13″]
CISA adds Cisco ASA and FTD and CrushFTP VFS vulnerabilities to its Known Exploited Vulnerabilities…
U.S. CISA added the Windows Print Spooler flaw CVE-2022-38028 to its Known Exploited Vulnerabilities catalog.…
The U.S. Department of Justice (DoJ) announced the arrest of two co-founders of a cryptocurrency mixer…
Google addressed a critical Chrome vulnerability, tracked as CVE-2024-4058, that resides in the ANGLE graphics…
Nation-state actor UAT4356 has been exploiting two zero-days in ASA and FTD firewalls since November…
A malware campaign has been exploiting the updating mechanism of the eScan antivirus to distribute…
This website uses cookies.