Contact Us

Kyocera Cyber prevents a highly sophisticated money transfer Phishing campaign

Kyocera Cyber prevents a highly sophisticated money transfer Phishing campaign.

Kyocera’s cybersecurity team assisted a customer targeted with yet another well organised phishing attack.

We’ve all heard about phishing attempts where an employee receives an email purportedly from the CEO, asking for the transfer of a large sum of money to an unknown account. This straightforward yet suspicious approach usually raises alarm bells and tends to be unsuccessful.

However, in this instance a transfer was seemingly being requested by a senior member of the business. It had an elaborate email chain attached to it between multiple parties within the customer estate. This went into considerable detail about an existing supplier, which had recently featured in the press regarding a takeover. As a result, according to this email, the supplier had new payment requirements. This forms a coherent and quite plausible narrative.

Fortunately, the customer was suspicious and called our cybersecurity professionals in to investigate. The team forensically went through the logs and spotted the slightest error in email address (an “e” missing) and found the email chain had been intercepted by a compromised third party hence making the chain more plausible. The team confirmed that this was a sophisticated phishing attempt, checked that there were no breaches in the customer’s IT estate and ensured no fraudulent financial transactions had occurred. The team took protective actions by scrapping the email chain from the systems to prevent further issue and blocking the suspect domains and IP addresses.

This incident demonstrates the amount of research and personalisation criminals put into making phishing work, to try and fool even the most alert employees into believing something is authentic. It’s surprisingly easy for criminals to craft these “social engineering” narratives, as information like your suppliers, employee names and contact details, and mergers and acquisitions can all be found on your website, through social media and elsewhere on the internet.

Employee training is key to preventing these phishing attempts from being successful. As a managed cybersecurity provider, we provide learning and simulation services to train staff to be on the lookout for even the most sophisticated social engineering attempts, as well as providing the investigation of suspicious activities and defence against active threats.

Under attack? Get help from THE Cyber team.

GET HELP

Cyber Files.

Suspicious minds reduce cyber crimes

Suspicious minds reduce cyber crimes

Read the cyber file >>
A Torrent of PUPS

A Torrent of PUPS

Read the cyber file >>
Red Teaming triggers tests – Kyocera Cyber

Red Teaming triggers tests – Kyocera Cyber

Read the cyber file >>
Kyocera solves the riddle of the man-in-the-middle

Kyocera solves the riddle of the man-in-the-middle

Read the cyber file >>
Kyocera Cyber prevents a highly sophisticated money transfer Phishing campaign

Kyocera Cyber prevents a highly sophisticated money transfer Phishing campaign

Read the cyber file >>
Kyocera Cyber thwarts elaborate phishing campaign

Kyocera Cyber thwarts elaborate phishing campaign

Read the cyber file >>

Cyber Solutions.

Managed Endpoint Detection and Response.

Protect your business against the latest cyberthreats with our Managed Endpoint Detection and Response (M-EDR) service.

LEARN MORE

Managed Phising Defence.

Our managed service tackles the challenges faced by IT teams in educating and maintaining cyber security awareness within organisations.

LEARN MORE

Cyber Assessments.

The nature and complexity of cyber security threats are increasing, IT teams need to have the tools and functionality to combat them.

Our cyber assessments cover three levels and are designed to be applicable irrespective of the size of the company.

LEARN MORE