The Record Herald reported:
The Fayette County Commissioners announced Friday that hackers stole a six-figure sum from a county bank account through a targeted phishing scheme that impersonated a trusted vendor.
In a prepared statement, county officials said they were the “victim of a targeted phishing scheme in which a trusted vendor of the county was hacked, impersonated, and provided county officials with a change in the manner of payment of invoices.
”Officials believe the impostor infiltrated the vendor’s email account, “watching, lurking, and waiting for an opportunity to strike.”
Find the original article here.
Takeaway: Don't stop at adding controls, etc to prevent fraud - add an audit at the vendor process level to ensure that team members consistently follow the process.
Enroll in Training Sessions: Last Thursday of Every Month is Training on Frauds and New Scam Alerts and How to Combat
The Fayette County Commissioners announced Friday that hackers stole a six-figure sum from a county bank account through a targeted phishing scheme that impersonated a trusted vendor.
In a prepared statement, county officials said they were the “victim of a targeted phishing scheme in which a trusted vendor of the county was hacked, impersonated, and provided county officials with a change in the manner of payment of invoices.
”Officials believe the impostor infiltrated the vendor’s email account, “watching, lurking, and waiting for an opportunity to strike.”
Find the original article here.
Takeaway: Don't stop at adding controls, etc to prevent fraud - add an audit at the vendor process level to ensure that team members consistently follow the process.
Enroll in Training Sessions: Last Thursday of Every Month is Training on Frauds and New Scam Alerts and How to Combat