$1.5M Cyber-Heist Typifies Growing Threat
After nabbing $1.5 million from a bank account, cyber criminals forced Efficient Escrow of California to close its doors and lay off its entire staff . Using a form of “Trojan horse” malware, the thieves gained access to the escrow company’s bank data.
Once the hackers broke in, they wired $432,215 from the firm’s bank to an account in Moscow. Then, they completed two more transfers totaling $1.1 million to banks near the Russian border in the Heilongjiang Province in China.
The company recovered the first transfer, but not the next two. They were shocked to discover that banks handle commercial accounts differently from consumer accounts. Banks are under no obligation to recoup losses in a cybertheft against a commercial account! That meant a loss of $1.1 million, less than half the amount they expected to clear that year. The business was unable to replace the funds, and state regulators shut down the company less than three days after the loss was reported.
Net result? With no immediate way to return their customers’ money, the two brothers who owned the firm lost their nine-person staff and faced mounting attorneys’ fees almost equal to the total funds recovered.
Avoid Getting Blindsided
Hacks against big boys like Target, Home Depot and Sony get more than their share of public attention. However, cyber-attacks on small and medium-sized companies often go unreported, and rarely make national headlines.
Don’t let this lull you into a false sense of security. The number of crippling attacks against everyday businesses is growing. Cybersecurity company Symantec reported that 52.4% of “phishing” attacks last December were against SMEs – with a massive spike in November.
Here are just a few examples out of thousands that you’ll probably never hear about:
- Green Ford Sales, a car dealership in Kansas, lost $23,000 when hackers broke into their network and swiped bank account info. In less than 24 hours, they added nine (9) fake employees to the company payroll. Before the company caught on, the hackers paid the fake employees a total of $63,000! Only some of the transfers could be canceled in time.
- Wright Hotels, a real estate development firm, had $1 million drained from its bank account after thieves gained access to a company e-mail account. Information gleaned from e-mails allowed the thieves to impersonate the owner and convince the bookkeeper to wire money to an account in China.
- Maine-based PATCO Construction lost $588,000 in a Trojan horse cyber-heist. They managed to reclaim some of it, but that was offset by interest on thousands of dollars in overdraft loans from their bank.
Why You’re A Target – And How To Fight Back!
Increasingly, cyberthieves view SMEs like yours and mine as easy “soft targets.” That’s because all too often we have:
- Bank accounts with thousands of dollars.
- A false sense of security about not being targeted.
- Our customers’ credit card information, social security numbers and other vital data that hackers can easily sell on the black market.
If your business doesn’t currently have a “bullet-proof” security shield and you don’t want your company to become yet another statistic in today’s cyberwar against smaller companies, you MUST take action without delay – or put everything you’ve worked for at risk. The choice is yours.
Here are three things you can do right away:
- Remove software that you don’t need from any systems linked to your bank account.
- Make sure everyone with a device in your network NEVER opens an attachment in an unexpected e-mail.
- Require two people to sign off on every transaction.
Let Us Help
When it comes to defending your data, whether it’s bank account information, customer and employee records or proprietary intellectual property or processes, Do NOT take chances. Our experience and track record in keeping our clients’ data safe speaks for itself:
A few months, when an employee opened a spam message, one of our clients got hit by an older Ransomeware called CryptoDefender. We were able to use a decryption utility to recover most of the data. Unfortunately, their customer database, which is housed in a third party software, was corrupted by the encryption/decryption. Because of their BELNIS back-up plan, we were able to restore a copy from less than an hour before the ransomeware started running and restored the data into use! With BELNIS Back-up, their data was secured by a reliable incremental backup that prevented a significant loss.
Through the end of December, we are offering our Cyber Security Assessment at no cost to 10 companies in the Richmond Metro and Tri-Cities areas. Call me at 804-796-2631 or e-mail me at [email protected] TODAY. We can only offer this valuable service to the first 10 companies that apply.