In April 2020, the world's largest sovereign wealth fund discovered that they had been defrauded of over $10 million after falling victim to a business email compromise scam during communications about a transfer which was intended for a micro-finance institution in Cambodia in March.
The sophisticated scheme involved spoofing email addresses, fabricating payment information and then directing the stolen cash into a bank account controlled by the attackers. Allegedly the diverted funds were channeled into a bank account in Mexico under the same name as the micro-finance institution.
The delay in detection was linked to the pandemic, the attacker changed expectations as to when the money would arrive by sending the micro-finance company an email falsely attributing any delays in receipt of funds to the COVID-19 lockdowns.
Want to discuss this case? You can purchase a 30 minute conference call with our analysts to discuss this case and the implications it has for your organisation. Just select the time and date that works for you:
We've done the analysis so you can make the decisions