by Mike Masnick
Tue, Oct 30th 2007 9:49pm
By now, most people are familiar with how phishing scams work, usually preying on individuals and tricking them into handing over data that allows the scammers access to bank accounts or other useful info. However, scammers have been aiming a bit higher lately. One tactic is commonly referred to as "spear phishing," where scammers focus on business targets, and attempt to convince them that they're actually coming from partners or suppliers. Apparently one such spear phishing attempt nearly worked to the tune of $10 million. The scammers sent two emails to someone at the headquarters of the supermarket chain Supervalu, purporting to be from Supervalu suppliers American Greetings and Frito-Lay. Both emails claimed that their bank account info had changed and Supervalu now needed to deposit payments into different accounts. Someone at Supervalu followed the instructions, leading approximately $10 million to be deposited into the two accounts over a period of about 4 days. At this point, someone from Supervalu figured out there was a problem and alerted the authorities, who were then able to recover most of the money before the scammers withdrew it. However, it appears that no one has yet figured out who opened the accounts, though Supervalu has filed a lawsuit in order to try to get that information.
If you liked this post, you may also be interested in...
- Most Cyberattacks Are Phishing Related, Not Sophisticated Technical Attacks
- If Phishing Email Can Kill NY Power Grid, Lack Of Cybersecurity Legislation Is Not The Problem
- Oh Look, Sony Hacked Again, Site Used For Phishing
- Yet Again, Real Police Called Into Virtual World Over (Not Really) Theft Of Virtual Items
- FCC Boss Spams Facebook Friends With Make Money Now Scam