
CSIA members victims of phishing scam

By Paul Barnard posted 07-28-2015 11:06

  

by Paul Barnard, 610-507-6595

Over the last two weeks, two CSIA members have had their computer systems compromised. We want to put all members on notice. 

The perpetrators entered the corporate computer systems and seemingly monitored the entire email network, including traffic. They identified those who can authorize and execute wire transfers, then appear to have waited until the person with payment authorization was away from the office. They then sent an e-mail from that person to whoever makes such payments, with instructions to transfer funds. In the first case, the amount involved was $18,000. In the second, it was $188,000.

The $18,000 was paid. Fortunately, in the second instance, the person who was to remit the funds sent an email to the CFO to confirm. The CFO immediately called to cancel the instructions. 

We recommend that all instructions for wire transfer be confirmed verbally and that under no circumstances should any email be acted upon without such verbal confirmation.

In the second case, the member immediately instructed all employees to change their passwords, giving the instruction verbally and not via email for obvious reasons. This did not stop a further attempt by the scammers, who then sent another email from the CFO to the controller requesting the payment be made.

We encourage all members to be wary when asked to send large sums of money. Be vigilant. If you are on the receiving end of these tactics, please advise us and immediately get an IT expert to work with you to stop this threat. We also suggest that you consult your insurance advisers about coverage in this regard.
