By Gary Sadler
2nd Mar 2017
Risk2Value (R2V) have provided details of a pertinent Cyber Crime incident from the education sector. There can be no argument that cyber crime is on the increase. The insurance market has responded well and there are a number of products available to reimburse losses. However, as with some other types of insurance, it is often difficult to offer examples that are relevant to the education sector.
This is a very recent example of a successful attempt to obtain personal data, which was used in a fraudulent manner against a number of employees at an education institution.
Stage 1. A branded and convincing ‘phishing’ email was sent to a number of employees, informing them that they were to receive an increase in salary. Given the current economic situation, the amount of the increase was relatively generous. The email notification was sent in the middle of the month.
Stage 2. The email asked the recipient to ‘click’ into an equally convincing copy of the staff intranet login screen. The employees then signed in and their personal details were passed to the fraudster, just before the web page issued an error message (as it did not actually exist).
Stage 3. The fraudster was able to access each employee’s personal data on the real intranet site. Their bank account details were altered to divert salary received at the end of the month to a third party bank account.
Thankfully, only a small number of the targeted employees responded but the total amount taken was over £20,000.
As an addendum to this case, the bank account used as the ‘mule’ account for this fraud was stolen. The fraudster again sent a phishing email to students, offering lucrative part-time work as a ‘fund collector’ to handle payments received from the main fraud. Those students who responded were asked to provide their CV, email address, bank account details (for payments to them), and other personal details. When the funds stolen from the employees were expected to arrive in the ‘mule’ account, the fraudster emailed the individual to arrange transfer to the fraudster’s own bank account.
Lessons Learned
If you would like to find out more about the insurance products available in this area, please do speak to your current broker/insurer for further details.