The Summer of 2015 was a memorable one for California-based-company, Ubiquiti Networks; though not for a very happy reason. This is when a single reply to a cyber scam lost their company over $40 million. The scam they fell victim to was CEO Fraud, also known as Business Email Compromise (BEC).
The scam started a few months before, when a Ubiquiti accountant took a phishing email's intended action. After this, the hacker installed malware onto the accountant's computer, allowing him to monitor the employee's email for months. When the hackers thought the moment was right, they sent another email to the accountant, but this time they impersonated the CEO. As the CEO, the hacker told the employee to make a wire transfer of $47 million to a particular bank. Immediately after the accountant agreed to send the money, the hackers took the money out. In the end, Ubiquiti was only able to get $8.1 million of their loss back.
Continue reading »