Seasonal Attacks

Imagine it’s 3 weeks till Christmas

You’ve got (e)mail! (✉)

The email says that you are due to receive a parcel delivery from FedEx. You weren’t expecting anything, but then, it’s close to Christmas. It could be something special – who could it be from? Excitedly, you quickly fill in the required details and send the email. You and your team at your conveyancing firm have been receiving an unusually high number of emails lately. It must be that time of the year, when old contacts try to connect, and banks ask you to validate information. A couple of them have clearly been phishing emails – thank goodness they were identified.

Unbeknownst to you, you’ve missed some.

Meanwhile at the other end of these phishing emails, Elliot is slowly gathering information about you and your firm. Through his multiple phishing emails, he’s managed to obtain quite a bit of information about you, your assistant and some of your colleagues. It was relatively easy to follow you from the coffee shop’s free Wi-Fi. As the ‘man in the middle’ (MITM), he’s managed to have continuous conversations with you and your client Grace. Now he’s just waiting for you to take the bait.

Finally, success! Elliot’s managed to install malware[1] into your system through one of the links you clicked on. This spyware will hide in the background and watch what you’re doing online. It records your online activities and data such as your passwords, credit card details and the websites you regularly visit. All this is happening while you remain unaware that your personal data is being compromised.

By the way, did you know that Elliot isn’t really just Elliot. He is an individual in an organised group comprising of six to seven other perpetrators existing for the purpose of theft. Not wanting to put all their eggs in one basket, at any given time, the team may be running multiple online schemes targeting many organisations. They have spent weeks planning this one, fooling different people and collecting information.

In order to perform the theft of the funds from you and your client, Grace, they have also been spending time cultivating people that can execute the transfer of these stolen funds. Abigail King looks positive as a money mule victim.

A couple of days before Christmas

The group has been busy. They’ve managed to set it up – pretending to be Grace they’ve instructed you to transfer the proceeds from the sale of her house to Abigail King. Once the settlement has completed, $250,000 is moved immediately to Abigail’s bank account. Soon after, she will transfer the money, just under $10,000 at a time, to the group’s overseas account; until she gets caught that is.

Back at your conveyancing firm the property transaction was settled several days ago, but you’ve only just realised what’s happened. The funds have gone to the account you’ve told it to go to, but that’s not the right one! You call the bank. They say that they’ll look into it.

Uncertain what to do next, you ring PEXA and inform them that your email account was possibly compromised. PEXA contacts the bank who holds Abigail’s account, ensuring no further funds can be transferred out. However, approximately $30,000 has already been transferred to an overseas account.

The bank works with their counterparts to retrieve the money. They manage to recover close to $20,000 as the remaining $10,000 has already been physically withdrawn. Just under $240,000 is returned to Grace in total, it’s not everything.

After Christmas

It’s been a few days since the incident, and because it was a phishing scam you contacted your PI insurer, they should be able to cover the money that Grace lost through your cyber security policy. As a precaution, you arrange a full review of your firm’s IT security system as well as change your passwords, and suggest that Grace, do the same. You make a mental note that in the future, you will be diligent in verbally confirm bank details, only using private secure Wi-Fi networks and being wary of phishing email scams. It may also be a good idea to install a firewall to protect your systems from malware. The biggest deterrent to a cybercriminal is attempting to break through a robust cyber security system. They will generally go for an easier target because they are financially motivated to get in and out quickly.

Cybercrime in Australia

Email is the common technique used by cyber criminals and according to the Cyber Security Review, led by the Department of the Prime Minister and Cabinet, cybercrime costs the Australian economy approximately AUD 1B per annum.

The Australian Criminal Intelligence Commission (ACIC) states that Australia is an attractive target for serious and organised crime syndicates, and because of the lucrative financial gains, cybercrime is a serious threat.  According to some experts, the majority of hackers are affiliated in one way or another to organised groups. They operate like a legitimate business with people who have a range of skills working towards a common goal.

Some organised groups receive direction and support from nation states – who exist with the purpose of stealing data, disrupting operations or destroying infrastructure. The state sponsors a coordinated attack with the intention of acquiring intellectual property or government data, many of these groups are a part of a collective ‘army’.

In this fictional story, Elliot does not belong to a nation state. He is a member of an organised group, that exist for the purpose of theft. It is highly likely that this group do not reside in Australia and like most others, live a lucrative lifestyle off the stolen proceeds. The reality of this story is that it can happen to you, and that being aware, and putting in the right cyber security controls can stop you from becoming another cybercrime statistic.

[1]Malware is malicious software, written with the intent of doing harm to data, devices or people.