A Chinese hackers team stole 18.3 million dollars (Rs. 130 Crore) from the Indian arm of Italian company Tecnimont SpA by taking local managers into confidence that the money was required for an acquisition, one of the biggest cyber heists in the country, the Economic Times reported.
The hackers sent emails to the head of Tecnimont Pvt Ltd, the Indian subsidiary of Milan-headquartered Tecnimont SpA, through an email account that looked deceptively similar to that of group CEO Pierroberto Folgiero, according to a police complaint, which ET has seen. According to people in the know, the email’s wording imitated the writing style of the group chairman. Other communications that purported to come from various executives were similar in nature as the hackers may have managed to penetrate the IT system and study their emails.
“In addition to masking email addresses, hackers in the past have used malware to penetrate and monitor email communications,” said Dhruv Phophalia, managing director, Alvarez & Marsal India. “This enables them to gather information, learn writing styles and language used by a user in email communications and replicate them in the spoofed emails.”
The report mentioned that the hackers then arranged multiple conference calls to talk about a possible “secretive” and “highly confidential” acquisition in China. As per the complaint lodged by Tecnimont Pvt Ltd to the Mumbai Police’s cybercrime unit, a lot of people played various fraudulent roles during these telephonic conferences, hiding behind fakes identities, pretending to be the group CEO, a high profile Switzerland-based lawyer and other senior members of the company.
According to the newspaper, Tecnimont has launched a forensic investigation into the fraud and has hired legal and security firms to look into the matter.
Logix Infosecurity being into data security domain since last 18 years is helping clients with such domain as well as email phishing perils, with the preventive or corrective security measures companies can incorporate. Our Email Security service helps organizations combat these threats through advanced perimeter defenses and proprietary SkepticTM technologies.