HOME
NEWS

Avanan reports of new spoofing Chief Financial Officer (CFO) scams to trick Employee to Wire Funds


By VARINDIA - 2022-08-30
Avanan reports of new spoofing Chief Financial Officer (CFO) scams to trick Employee to Wire Funds

Researchers at Avanan, a Check Point Software company, caught and blocked a cyberattack that spoofed the CFO of a major sports organization for financial gain. The attackers tried to trick a lower-level finance employee to send funds to an alleged insurance company. The cyberattack technique used is known as a Business Email Compromise (BEC) attack, where cybercriminals impersonate organizational supervisors for financial gain. Avanan researchers warn that these cyberattacks are on the rise, playing on people’s desires to perform well for their boss.

 

· Attackers have struck more than once

· Two examples of spoofed emails caught in the campaign are provided

· Avanan researchers offer several cyber safety tips to protect from BEC attacks

 

Researchers at Avanan, a Check Point company, spotted a cyber-attack that spoofs the CFO of a major sports organization to get a lower-level employee to send funds directly to hackers. The spoofed CFO requested a wire to be sent to what appears to be an insurance company. Avanan Research was able to block the cyberattack.

 

It is right to assume that the drive behind the attack was financially motivated. Little information is known about the attackers, except that they have struck more than once.

 

Attack Methodology

The cyberattack type used is what’s known as a business email compromise (BEC) attack. The attack methodology in this case was as follows:

Hacker first created a spoofed account of the company’s CFO

Hacker finds the legitimate email address of someone on the finance team

Hacker creates an email that looks like the CFO has forwarded, with attached instructions for wiring.

CFO asks employee to wire money instantly

If the employee bites, money will land in the hackers’ account

 

Email Example #1

The user is presented with an email from the CFO of this major corporation. The CFO asks the recipient of the email to make payment to a legitimate insurance company, West Bend Mutual. Even more clever is the fact that the URL in the ‘from’ address is taken from their slogan. However, this is clearly a fake, as the “reply-to” address at the top of the email differs from the company’s email address. You’ll notice the banner that shows the email wasn’t from the displayed sender. This was added by the tenant’s generic Office 365, not Proofpoint. It is the only thing that alerted the end-user that something was amiss.

Email Example #2

This is a nearly identical email that affected another company. In fact, we’ve seen dozens of this type of attack. Notice two differences: There is no external banner alerting the end-user to potential danger; the “Get in touch” email at the bottom spells Silver Lining as ‘Silver Linning’.

 

Quote: Manish Alshi, Head, Channels & Emerging Technology, Check Point Software Technologies, India & SAARC:

“Our team at Avanan discovered an attack that spoofs the CFO of a major sports organization. The spoofed CFO asks a lower-level finance employee to send a wire transfer to what appears to be an insurance company. Instead, it would go straight to the hacker. In this case, we were able to successfully block the attack.

 

These ‘business email compromise’ attacks are incredibly popular, difficult to stop and tough to identify. End users should always exercise caution before paying invoices. It’s best to confirm directly with the CFO before paying out.

 

I strongly recommend people to implement advanced email security that relies on more than one factor to determine if an email is malicious or not. Be sure to read the entire email before acting, looking for any discrepancies or oddities.”

 

Cyber Safety Tips

· Always check reply-to addresses to make sure they match

· If ever unsure about an email, ask the original sender

· Encourage users to ask finance before acting on invoices

· Read the entire email; look for any inconsistencies, misspellings or discrepancies

· If using banners, be sure to not bombard end-users with them; only use at critical times so that end-users take them seriously

See What’s Next in Tech With the Fast Forward Newsletter

SECURITY
View All
Zscaler announces AI innovations to its Data Protection Platform
Technology

Zscaler announces AI innovations to its Data Protection Platform

by VARINDIA 2024-05-20
SHIELD to enhance Swiggy’s fraud prevention and detection capabilities
Technology

SHIELD to enhance Swiggy’s fraud prevention and detection capabilities

by VARINDIA 2024-05-20
Axis Communications announces its first thermometric camera designed for Zone/Division 2
Technology

Axis Communications announces its first thermometric camera designed for Zone/Division 2

by VARINDIA 2024-05-20
SOFTWARE
View All
Hitachi Vantara and Veeam announce Global Strategic Alliance
Technology

Hitachi Vantara and Veeam announce Global Strategic Alliance

by VARINDIA 2024-05-16
Adobe launches Acrobat AI Assistant for the Enterprise
Technology

Adobe launches Acrobat AI Assistant for the Enterprise

by VARINDIA 2024-05-11
Oracle Database 23ai offers the power of AI to Enterprise Data and Applications
Technology

Oracle Database 23ai offers the power of AI to Enterprise Data and Applications

by VARINDIA 2024-05-10
START - UP
View All
Data Subject Access Request is an integrated module within ID-REDACT®
Technology

Data Subject Access Request is an integrated module within ID-REDACT®

by VARINDIA 2024-04-30
SiMa.ai Secures $70M Funds from Maverick Capital
Technology

SiMa.ai Secures $70M Funds from Maverick Capital

by VARINDIA 2024-04-05
Sarvam AI collaborates with Microsoft to bring its Indic voice LLM to Azure
Technology

Sarvam AI collaborates with Microsoft to bring its Indic voice LLM to Azure

by VARINDIA 2024-02-08

Tweets From @varindiamag

CIO - SPEAK
Automation has the potential to greatly improve efficiency and production

Automation has the potential to greatly improve efficiency and production

by VARINDIA
Various approaches are followed to enhance efficiency, productivity, and cost-effectiveness

Various approaches are followed to enhance efficiency, productivity, and cost-effectiveness

by VARINDIA
Technology can be leveraged in several ways to boost efficiency, productivity and reduce cost

Technology can be leveraged in several ways to boost efficiency, productivity and reduce cost

by VARINDIA
Start-Up and Unicorn Ecosystem
GoDaddy harnesses AI power for new domain name recommendations

GoDaddy harnesses AI power for new domain name recommendations

by VARINDIA
UAE’s du Telecom selects STL as a strategic fibre partner

UAE’s du Telecom selects STL as a strategic fibre partner

by VARINDIA
JLR and Dassault Systèmes extend partnership for All Vehicle Programs worldwide

JLR and Dassault Systèmes extend partnership for All Vehicle Programs worldwide

by VARINDIA
Rapyder partners with AWS to accelerate Generative AI led innovation

Rapyder partners with AWS to accelerate Generative AI led innovation

by VARINDIA
ManageEngine integrates its SIEM solution with Constella Intelligence

ManageEngine integrates its SIEM solution with Constella Intelligence

by VARINDIA
Elastic replaces traditional SIEM game with AI-driven security analytics

Elastic replaces traditional SIEM game with AI-driven security analytics

by VARINDIA
Infosys and ServiceNow to transform customer experiences with generative AI-powered solutions

Infosys and ServiceNow to transform customer experiences with generative AI-powered solutions

by VARINDIA
Crayon Software Experts India inaugurates its ISV Incubation Center in Kolkata

Crayon Software Experts India inaugurates its ISV Incubation Center in Kolkata

by VARINDIA
Dassault Systèmes to accelerate EV charging infrastructure development in India

Dassault Systèmes to accelerate EV charging infrastructure development in India

by VARINDIA
Tech Mahindra and Atento to deliver GenAI powered business transformation services

Tech Mahindra and Atento to deliver GenAI powered business transformation services

by VARINDIA