On May 4, 2020, a threat actor used a compromised Organizational email account to fraudulently request a large wire transfer. The employee(s) who received the wire transfer request sought verbal confirmation from the requestor. Upon doing so, it was discovered that the request was fraudulent. The Organization?s investigation determined that the threat actor had access to two email accounts between April 7 and May 20, 2020. The email accounts contained personal information which would have been accessible to the attacker. It is reported that the email accounts were compromised by a phishing attack.
File Type:
pdf
File Size:
611 KB
Categories:
2021