TAP into Technology | Garland Technology Blog

Cyber Phishing: $46.7M Stolen from One Company

Written by Tim O'Neill | 8/27/15 11:00 AM

What is known as “CEO fraud” and “business email compromise” is costing companies and individuals millions. Just ask Ubiquiti Networks Inc., which recently suffered a devastating $46,700,000.00 fraud.

This is a big one, one of the biggest employee impersonation frauds ever.

Ubiquiti Networks Inc. reported via SEC Form 8-K, “employee impersonation and fraudulent requests from an outside entity targeting the Company’s finance department resulted in transfers of funds aggregating $46.7 million held by a Company subsidiary incorporated in Hong Kong to other overseas accounts held by third parties.”

This kind of fraud is a sophisticated cyber phishing approach that targets businesses working with foreign suppliers that regularly perform wire transfer payments.

Businesses have big bank accounts and mostly ineffective security and verification policies. Better visibility means not only seeing 100% of the data, but also taking corrective action, checking and cross-checking, and having protocols in place to deter criminals from stealing money, data, or anything else that would jeopardize the business.

Following an investigation, “the Company, its Audit Committee and advisors have concluded that the Company’s internal control over financial reporting is ineffective due to one or more material weaknesses.”

Ubiquiti’s Chief Accounting Officer resigned.

As of today, there are no details on how this cyber crime occurred, but CEO fraud usually begins with the thieves either phishing an executive and gaining access to that individual’s inbox, or emailing employees from a look-alike domain name.

Would a full visibility plane have helped with detection in this case? Well, it would have shown what was 'normal' and what was not. By knowing the baseline traffic, companies can determine aberrant behavior and put safeguards in place. Full visibility should be part of an early alarm and used during the primary investigative process.

If you cannot see it, you will never be able to fix it!  
