Cyberheist Nets 44 Million In Single CEO Fraud Attack


#1

Ouch.

In this case the attackers had been in the system and learned the rules, policies and procedures before the money move. It would be difficult for the target CFO to defend against this if the request was within normal procedures, however the procedures should include at least a phone call (2nd factor) when moving this much money, even if it’s not an unusual amount.


(Justme) #2

Ouch indeed. One person at any company should not have the sole authority to move that much money in my opinion. There should be checks and balances (like 2 factor auth) to ensure the transfer is legit.


(Edwin Eekelaers) #3

Over here if the amount of $$ goes above a certain level a second higher up person has to approve.


(Mpeli Mtowa) #4

I think in this day and age of electronics where ever we go the human firewall is an essential piece to any enterprise. I see it too often ignored or just performing bare minimum in orgs private and government where I live. There are many untracked and unannounced breaches that the public are kept in the dark about too over here. Whenever I can I try to bring such awareness but it is slowly being recognized.


(Joe) #5

I agree there needs to more approvals in place when it comes o that kind of money Hell I need approval to spend over 50 bucks from my wife lol


(Edwin Eekelaers) #6

My wife does it for my own safety since she knows i have a rather expensive taste when it comes to all sorts of electronic things… Ideally she’d slap me with an electronics store restraining order ( don’t get close to a shop or … )