The business email compromise continues its reign as a top cyber threat for the enterprise, and no business or industry is safe.
Case in point: The Dublin Zoo was recently hit by the scam, with cyber thieves making off with nearly $600 million.
According to news fromThe Irish Examiner, the zoo would not confirm exactly how much was stolen, but said it was working with the Gardaí (the Irish state police), who have reportedly recovered most of the funds. The Garda National Economic Crime Bureau also confirmed it was investigating the cybercrime.
“The matter was initially reported by Dublin Zoo to the Gardaí at Cabra Garda Station, who immediately contacted the Garda National Economic Crime Bureau at Harcourt Square,” the Gardaí said last week. “Gardaí can confirm that investigations are continuing into this fraud at Dublin Zoo and can also confirm that, with the assistance of financial institutions, a substantial amount of money has been recovered in this case.”
In another statement, a spokesperson for the Dublin Zoo said the hack was “immediately” reported to Ireland’s national police service, An Garda Síochána, as well as the zoo’s bank.
“Gardaí would like to advise all businesses, both large and small, that under no circumstance should you agree to change a bank account number for a supplier based on a phone call, email or other means without verifying such change with someone that is known to you in the supplier’s company,” the Gardaí added.
The business email compromise scam intercepted legitimate supplier invoices sent to the zoo then manipulated data on the documents to change payment details and account numbers, requesting that funds be sent into a fraudulent account, according to reports.
Separate reports last month highlighted a recent string of such attacks on the art industry, as art galleries and dealers were targeted by invoice scams after cyberattackers infiltrated their targets’ emails.