Australian millionaire loses $1 million to major e-mail scam

Australian millionaire loses $1 million to major e-mail scam

Phishing attack targeting financial organisations using SHTML file attachments

An Australian millionaire lost $1 million to an e-mail scam after hackers impersonated him and tricked one of his account managers to transfer the sum to an account held by a British man.

The British man claims he himself is a victim of an e-mail scam as he conducted transactions on the advice of a third party with whom he interacted with online for four years.

Recently, Christine Campbell, who manages one of John Kahlbetzer, the Australian millionaire’s accounts, received an e-mail from him asking her to transfer $1 million from his account to one David Aldridge, a British citizen. Kahlbetzer is on Forbes’ list of Australia’s 50 richest people and has a net worth of $950 million.

Campbell, who regularly received such e-mails from Kahlbetzer, complied. However, it later turned out that the sender of the e-mail wasn’t Kahlbetzer himself but an impersonator who made the e-mail look like it came from him.

According to Bloomberg, the e-mail address used by the impersonator was ‘one character different’ from Kahlbetzer’s own e-mail address but it was made to appear exactly like his e-mail address on the screen. After the funds were deposited in his account, Aldridge transferred $82,600 to one of his bank accounts and transferred the rest of the money to accounts located in th UK, Nigeria, the United States, Hong Kong, the U.A.E., and Ghana.

Kahlbetzer has sued Aldridge to recover the entire sum but Aldridge says he can only return the amount that he transferred to his own account since he transferred the rest of the sum as per instructions received from his ‘girlfriend’ with whom he interacted online for four years.

While it is for the courts to decide how much money Aldridge will need to return to Kahlbetzer, what is concerning the cyber security world is how easily scamsters can steal money from vulnerable netizens by impersonating people and using identical e-mail addresses to get funds transferred to their own accounts.

This incident reminds us of a similar one involving global giants Google and Facebook that came to light earlier this year. Between 2013 and 2015, a Lithuanian national impersonated a vendor company named Quanta Computer on e-mails and demanded payments for goods and services from Google and Facebook employees. Employees at both companies subsequently transferred up to $100 million to offshore bank accounts owned by the scamster.

While the fact that a scamster was able to trick Google and Facebook employees into transferring funds to his own account was significant enough, it was drowned out by the fact that both companies decided to hide the fact from investors for long periods. Many questions were raised about their disclosure habits, but few were raised about how easily they were tricked.

‘I understand the dynamic. You don’t want to provide a road map to future hackers into your system. But that doesn’t excuse not disclosing an event if it’s material,’ said said Mary Jo White, a former head of the SEC to Fortune.

Referring to the latest episode involving the Australian millionnaire, Steve Malone, Cyber Resilience Expert at Mimecast, has highlighted how the menace of cyber-impersonation has impacted more people around the world than most experts believe.

‘The theft of $1 million makes it loud and clear just how real and dangerous impersonation attacks are. According to the latest Mimecast ESRA figures, these attacks have risen by 50% in the last quarter alone, 7 times more often than missed email-borne malware.

‘Often overlooked by information security providers, impersonation attacks are an easy and effective way to gain trust through a combination of social engineering and technical means. The only way to remain safe is to be cyber resilient. Businesses must help employees with role-specific behavioural conditioning and smarter email security technologies, to ensure they are vigilant and well equipped to report unusual activity,’ he said.

Copyright Lyonsdown Limited 2021

Top Articles

Is your security in need of an update this Cybersecurity Awareness month?

Cyber security experts tell teiss about the evolving threat landscape and how organisations can bolster their cyber security defenses

A new case for end-to-end encryption

How a hacker group got hold of calling records and text messages deploying highly sophisticated tools that show signs of originating in China

Telcos in Europe put muscle behind firewalls as SMS grows

Messaging is set to be one of the biggest traffic sources for telcos worldwide prompting them to protect loss of revenue to Grey Route practices 

Related Articles

[s2Member-Login login_redirect=”” /]