Spear Phishing Investigations
During 2015-16 we have seen a dramatic increase in the number of businesses being attacked by hackers who have created a domain similar to the victim company's and then masqueraded as a company office bearer to extract money.
Typically this type of attack involves the CFO receiving an email that appears to have come from the MD (or similar) instructing payment of an amount of money into a bank account for some business-related reason. Often, the timing coincides with the MD being away from the office and the transaction appears to be urgent. Following an exchange of emails, the transaction is made without the MD being aware that he has supposedly authorised it. Once the bogus transaction has been identified, there is usually a flurry of activity identifying what events led to the theft and where the money has gone. These incidents often lead to reassessment of the business's IT security as well as the processes in place relating to authorisation of financial transactions above certain amounts.