Keeping you updated

City Government Falls Victim to Social Engineering

Social engineering involves the use of deception to manipulate individuals into carrying out a particular act, such as transferring money, handing over confidential information, or clicking on a malicious link, and it’s causing serious financial harm to organizations around the world.

Any organization that transfers funds electronically can be susceptible to social engineering attacks, and entities operating in the public sector are no exception. Public entities not only receive funds electronically in the form of grants from central government and tax receipts from local residents, but they also disburse large amounts of money, both internally to different departments and externally to third-party suppliers and contractors. All these transactions make a tempting target for cybercriminals, who are constantly on the lookout for opportunities to intercept fund transfers and divert them to fraudulent accounts.

One of our policyholders affected by such a loss was a local government for a city with a population of around 140,000. The city government’s responsibilities include public transportation, car parking facilities, social housing, parks and recreation areas, recycling and waste disposal, and more.

Fraudster glimpses prime opportunity

The scam began when an employee in the city’s finance department fell for a credential phishing email. Credential phishing emails are used by malicious actors to try to trick individuals into voluntarily handing over their login details, typically by directing them to a fake login page.

In this case, the employee received an email purporting to be from Microsoft. The email explained that the employee’s email account details needed to be verified in order for them to continue to use Outlook without disruption. With the email appearing to come from an official source and with the employee not wanting to suffer any disruption to her work, she clicked on the link included in the email. The link took her through to a seemingly legitimate landing page with Microsoft branding in place, where she inputted her email login details. Assuming that her account had been verified, the employee gave no further thought to the incident. However, by inputting her credentials on this login page, the employee had inadvertently passed on her details to a fraudster.

To make matters worse, the city government had not enabled multi-factor authentication on staff email accounts, so the fraudster was able to use the credentials to access this employee’s account remotely. This allowed the fraudster to monitor communications to and from the account and gather valuable information about any upcoming transactions.

As it happened, the city government was in the process of building a new social housing development and had contracted a third-party construction firm to carry out the building work on the project. The construction firm would send regular invoices for the work carried out to the city’s finance department, who would then arrange for a payment to be made to the construction firm’s bank account. The fraudster managed to find the email correspondence between the employee in the finance department and the finance director of the construction firm, and in the process, the fraudster established that the latest invoice, totaling $213,456, had been sent over and was due to be paid within a few weeks. Having spotted a lucrative opportunity, the fraudster chose this moment to strike.

Scam set up in a flash

The fraudster’s first step was to set up a forwarding rule in the employee’s email account. Forwarding rules are settings that can be applied to an email account which ensure that certain emails are automatically forwarded to a specific folder or to another email account. In this case, the fraudster set up a forwarding rule that meant that any emails that featured the construction firm’s genuine domain name were automatically marked as read and sent directly to the account’s deleted items folder.

The next step was to set up an email address impersonating the construction firm’s finance director. To the untrained eye, this was exactly the same as the finance director’s, but crucially omitted a character from the domain name. So rather than reading Joe.Bloggs@XYZconstruction.com, it read Joe.Bloggs@XYZconstuction.com.

The final step was to send an email to the employee in the city’s finance department from this fake account. In the email, the fraudster explained that the construction firm’s usual account was being audited and that all transactions were being paused while this took place. The email then went on to explain that a temporary account had been set up as an alternative and that all upcoming invoice payments should be sent there in the meantime, with a document containing the new account details attached.

The fraudster also added some touches to the email to make it look as authentic as possible. For example, the fraudster forwarded the original email correspondence between the city government’s employee and the construction firm’s finance director to the fraudulent email address, with the fraudster then responding to this email correspondence and making it look as though the fake email was part of the original email chain. The fraudster also signed off with the finance director’s genuine email signature and the document with the fake account details featured the construction firm’s genuine logo and address details.

With the fraudster’s email forming a part of the original email chain and coming from a seemingly identical email address, along with a plausible excuse for changing the account details temporarily, the employee in the city’s finance department never doubted the legitimacy of the request and the construction firm’s account details were changed, resulting in $213,456 being sent to the fraudulent account.
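The two artefacts the scam left behind, a mailbox rule that silently hides the vendor’s genuine mail and a sender domain one character away from the real one, are both machine-checkable. The following Python checker is an added example written for this article, not code from CFC or the city involved; the vendor domain list, folder names and the `InboxRule` shape are constructed assumptions, and the rule and addresses it tests are sample data modelled on the case above.

```python
from dataclasses import dataclass

# Constructed sample data: the genuine vendor domain from the case above.
# In practice this set would come from the accounts-payable vendor master.
KNOWN_VENDOR_DOMAINS = {"xyzconstruction.com"}

# Folders a hiding rule typically routes mail into (assumed list).
HIDING_FOLDERS = {"deleted items", "junk email", "rss feeds", "archive"}


def levenshtein(a: str, b: str) -> int:
    """Edit distance (insert, delete, substitute) between two strings."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def lookalike_domain(sender: str, max_distance: int = 2):
    """Return the known vendor domain that the sender's domain imitates,
    or None when the domain is an exact match or not close to any vendor.
    A single omitted character, as in this case, is distance 1."""
    domain = sender.rsplit("@", 1)[-1].strip().lower()
    if domain in KNOWN_VENDOR_DOMAINS:
        return None
    for known in KNOWN_VENDOR_DOMAINS:
        if levenshtein(domain, known) <= max_distance:
            return known
    return None


@dataclass
class InboxRule:
    """Minimal model of a mailbox rule as exported from a mail platform (assumed shape)."""
    name: str
    from_contains: str = ""   # condition: sender address contains this text
    move_to: str = ""         # action: destination folder
    mark_read: bool = False   # action: mark the message as read
    forward_to: str = ""      # action: auto-forward to another address
    delete: bool = False      # action: delete the message


def suspicious_rule(rule: InboxRule) -> list:
    """Return the reasons a rule looks like the one the fraudster created:
    it silently hides or diverts mail, especially mail from a known vendor."""
    reasons = []
    if rule.move_to.lower() in HIDING_FOLDERS:
        reasons.append(f"moves mail to '{rule.move_to}'")
    if rule.mark_read:
        reasons.append("marks mail as read")
    if rule.delete:
        reasons.append("deletes mail")
    if rule.forward_to:
        reasons.append(f"forwards mail to {rule.forward_to}")
    target = rule.from_contains.lower()
    if reasons and any(k in target for k in KNOWN_VENDOR_DOMAINS):
        reasons.append("targets a known vendor domain")
    return reasons
```

Run periodically against exported mailbox rules and the sender of any email requesting a change of bank details; a non-empty result from either function is the cue to trigger the call-back procedure rather than process the change.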

Discovered too late

It was only when the construction firm’s finance director called up the city’s finance department a few weeks later to inquire about the status of the payment that the scam was finally uncovered. The banks involved and local law enforcement agencies were immediately notified about the scam and attempted to recover the loss, but by this point it was too late to retrieve the funds as they had already been transferred out of the fraudulent account.

With the lost funds deemed unrecoverable and the construction firm still expecting its invoice to be paid, the city government had no choice but to pay the invoice again, resulting in a significant financial loss. Thankfully, however, the city was able to recoup the stolen funds under the cybercrime section of its cyber policy with CFC, which provides cover for social engineering-style losses such as these.

Follow-up with a call and other key takeaways

This case highlights a few key points. Firstly, it illustrates why any organization that is undertaking a construction project should be extra vigilant when it comes to funds transfer fraud. Cybercriminals know that any construction project is likely to require sizable transfers of money, which makes it a particularly lucrative and tempting area for them to target. Any organization involved with a construction project, whether it’s the entity that’s paying for the project or the contractors carrying it out, should be on their guard to prevent funds from being intercepted by fraudsters.

Secondly, it shows just how skillful cybercriminals are becoming at parting innocent organizations from their money and how difficult it is to spot a fake. In this case, the fraudster managed to successfully impersonate Microsoft and manipulate the city’s employee into handing over her login details; set up a forwarding rule to prevent any genuine emails from the construction firm from reaching the employee and jeopardizing the scam; set up a fraudulent email address that was virtually identical to the construction firm’s finance director’s address; make it look as though the fake email sent to the employee was part of the original email chain, and make use of the finance director’s genuine email signature and the construction firm’s logo and address on the document containing the fake account details.

Finally, it highlights the importance of having call-back procedures in place. Call-back procedures work by ensuring that whenever a new payee account is set up or a change of account is requested, the request is verified by having a member of the accounts department call the person or company requesting the change on a pre-verified number to confirm that it is legitimate. If the city’s finance department had had this procedure in place and the employee had followed it, it’s highly unlikely that the funds would have been intercepted. Having call-back procedures in place, alongside staff training on phishing risks and multi-factor authentication on email accounts, can significantly reduce an organization’s exposure to funds transfer fraud. Nevertheless, it’s worth noting that none of these methods are foolproof and it’s very difficult to eliminate this risk entirely, especially when human error is factored in. And that’s why cyber insurance can be such a useful purchase, providing a valuable safety net when things go wrong.


Technology for Isolation Alleviation

The coronavirus outbreak has illustrated just how important technology is in our lives. Whether it’s allowing you to work from home, stay in touch with loved ones that you can’t be with, or keeping you fit when you can’t make it to a gym – technology is essential to the human experience, now more than ever.

CFC receives a variety of tech risks from start-ups to SMEs, but there’s certainly been an influx as we all grapple with life in lock-down.

Here are some of the tech risks CFC is seeing which seem to have particular relevance in a COVID era:

Checkout-less shopping

Maintaining social distancing while in your local supermarket is a tough call at the moment, but some retailers are using artificial intelligence to operate stores without checkouts, so there’s no more queuing and no unnecessary groups of people! With onsite cameras, cloud services and sensor technology, all you need to do is download the app, scan in, grab those essentials and walk out!

Digital events for seniors

Borne out of the awareness that isolation can be especially tough for seniors who may already live a relatively solitary life, this app hosts digital events for elderly people. The app is helping to combat the loneliness epidemic with book clubs, regular religious and worship events and yoga – the perfect way for the elderly to stay connected during social distancing.

Social gaming

What better time to become a gamer?! eSports is becoming the fastest growing form of entertainment in the world, with over 550M viewers expected industry-wide by 2021! This games developer is creating titles across a multitude of platforms including augmented reality, virtual reality, consoles, mobile, PCs, and interactive television.

Internet discovery platform

A new way to share content with friends and strangers – this platform finds the internet’s hidden gems using in-depth machine learning. Move over annoying algorithms that forever show you dog photos after that one accidental click! The platform recommends content (for example recipes, decorating, astrology, fitness) that the user may like due to their chosen interests, it also allows the user to save and share their favourite finds for others to discover. Browse corners of the internet the usual social platforms skip over – or let other users do the work for you!

Treasure hunt

This business is diversifying its proposition for 2020’s stay-home world. Usually this tech company offers an augmented reality application that enables the user to go on treasure hunts around public spaces. With public engagement on hold, they’re providing fun adventures to play among family and friends in the form of escape rooms. Users are tasked with finding hidden codes, performing fun tasks and solving riddles. This should keep the kids busy for a little while!

Fitness from home

The gym may be closed, but no one wants to walk out of lock-down twice the human they walked in! Now is the perfect time to try some new fitness regimes. This app is packed full of instructional videos for yoga, HIIT, barre and quick 7-minute fitness workouts. Let’s get physical!

Sports engagement for kids

Using the app, kids can learn, practice and develop new sports skills. The app is designed to inspire youth with a virtual coaching and engagement platform. App users can also upload videos of themselves performing the skills for other children to learn from.

We will see some amazing new technology emerge as a consequence of the coronavirus era, as technology continues to respond to our changing lives.

Source: www.cfcunderwriting.com


Biotech Exposures During the Research & Development Life-cycle

There are many types of life science companies involved in the research and development (R&D) of new drugs and medical devices, but they generally fall into two camps, biotechnology firms that develop the drug or device, and service organizations who help bring those products to market.

The exposures that biotechs and service organizations face will evolve throughout the R&D process, and how quickly each company moves through this journey will depend on their individual product but can take anywhere from a few months to a few years.

CFC has outlined the phases of the R&D process to help you talk to your life science clients about the key exposures they face as they discover, develop and test their products.

Source: www.cfcunderwriting.com



What Can We Expect as Manufacturers Respond to COVID-19?

COVID-19 has the world’s most powerful nations in its grip, and as an increasing number of countries start to fight back, the economic impact of this novel virus is starting to compound. But what can we expect to see from the manufacturing sector as the battle rages on, and how might these responses affect risk in the future?

Panic buying drives demand and transforms business models

The increase in demand for non-perishable food products has now risen above typical Christmas levels, causing a significant knock-on effect on supply chains. Many manufacturers are now working at full capacity, having hired additional staff to help in the production of record numbers of products. For some companies, business models have been hugely affected. In their efforts to get products to consumers quickly, many have found themselves dramatically altering the way they work.

Recent changes in production methods could even bring new exposures for some companies, in terms of the increased risk of unsafe products, or products which might not meet strict quality guidelines.

Coronavirus spending patterns impact contract manufacturers

New trends in buying patterns have led to a shift in the prioritization of the products many retailers distribute. Amazon recently began prioritizing essential household items in its warehouses, meaning longer waits for those ordering non-essential items. Demand for luxury products has fallen as a result of the coronavirus, and many brands are limiting production as a result. However, as the world begins to acclimatize to its new normal, we could well see an increase in the uptake of luxury products, strengthened by this limited availability.

Lockdown and the domino effect

Many nations are in lockdown, and huge restrictions have been placed on businesses all over the world. The domino effect of these lockdown measures is set to become one of the biggest challenges of the coronavirus. A single lockdown can have a huge impact on an entire supply chain, inevitably threatening business continuity and perhaps even leading to insolvency for some.

Staff illness and isolation measures

With growing numbers of the workforce being diagnosed, it’s only a matter of time until key quality assurance staff are taken away from the front lines of operations in order to self-isolate. In terms of risk, this could spell trouble for manufacturing businesses.

Joseph Bermudez, a lawyer specializing in crisis management at Stewart Smith Law, explains, “colleagues will substitute in and may inadvertently cause contamination, mislabeling, or manufacturing defect issue”.

Social distancing may slow distribution

Safe social distancing measures are making deliveries more difficult. Drivers and workers accepting goods are reluctant to get too close to one another, and as this continues it could cause additional time lags in the restocking of supplies. There might come a time where individual staff members at stores are permitted to accept deliveries only when wearing the correct personal protective equipment. Distributors too might start to put the pressure on stores to provide such equipment.

The effects of import and delivery restrictions

Significant restrictions have already been placed on the movement of individuals. We are starting to see these restrictions extended to foreign trade, making it more difficult, and more expensive, to import or export goods. Should countries face food shortages, we can expect manufacturers and distributors to focus their efforts on their own domestic markets. Any increases in expense or logistical challenges associated with supplying other nations could well add to their reluctance to supply other markets.

If shortages do begin to affect food availability, we might also see price increases, and a reduction in the variety of products available, as manufacturers turn their attention to maximising output as quickly as possible.

What does the future hold for manufacturers?

Sadly, none of us can say with any certainty what’s in store for businesses in the near, and more distant, future. The world’s response to COVID-19 has been dramatic, with many countries introducing increasingly draconian measures to prevent the spread of this deadly virus. But as more and more restrictions are introduced, the timeframe in which we might see a return to normality grows longer.

In the short term, business risk hasn’t changed. Yet the long-term effects of the coronavirus pandemic on businesses are likely to be far-reaching. And the impact on all of us, as individuals, may well be just as significant.

Source: www.cfcunderwriting.com


Liability Concerns from Working Remotely

As COVID-19 disrupts our economy, it’s been remarkable to watch how different businesses adapt to the new normal. Across the board, companies have been arranging their workforce for full-time remote work. These changes have been implemented with impressive efficiency, yet there are still significant areas to watch out for in terms of increased liability that comes along with a remote workforce.

  • Privacy concerns. Does your virtual meeting software of choice track whether users are “paying attention” or not? Some programs will do this by informing the organizer when certain viewers don’t have the meeting or presentation in full screen for a certain amount of time. What about the data that the attendees are generating by using the software—is it being sent to any third parties for data mining? Are “private” chats being monitored?
  • Cyber risks. Bad actors are already tying phishing and other types of messages to COVID-19 in order to entice clicks. For example, some phishing messages are even impersonating the Centers for Disease Control and Prevention or World Health Organization and offering “help” or “important updates” so that the reader clicks through. Is your workforce trained on how to resist these kinds of traps? Do all employees know to use private, secured Wi-Fi networks while working remotely? Have information technology business continuity plans been tested recently?
  • Wage and hour exposures. Adjusting to remote work can make some routine timekeeping tasks more difficult. If you have workers that usually clock in and out in the office or at a worksite, are they set up to do this easily at home now? Do they know to still record their breaks as they would if they were in the office? When appropriate, are they being reimbursed for reasonable expenses that come along with working remotely?
  • Workers compensation adjustments. When employees switch to working from home, some workers compensation insurers may want to change insureds’ classification codes.

For additional resources, visit IRMI’s frequently updated page that compiles several free online resources related to COVID-19.

Source: www.irmi.com

