Bali - Email Hijack Case USD $100,000 Lost.
If you have a business, use the Internet and you don’t want to get hacked, contact us for a free assessment of your network and computer.
Courtesy of Detiknews
The StoryA Canadian citizen wants to buy a plot of land in Bali
A notary in Badung is hired for the purchase of land
Notary sends the Canadian via email their banking info for transaction
Canadian citizen transfers first payment of USD $25,000, notary received
Hackers hijack notary email, instruct the Canadian to send the remaining balance to another account
After all transfers of around USD $100,000, the Canadian contacts notary to confirm receipts. Only one of the transfers in the amount of USD $25,000 has been received.
Read the full story
Business owners need to re-assess their network immediately to prevent financial theft such as this. Especially in Bali, foreign investments and land prices soar into millions of dollars in recent years. This draws as much attention as businesses in other parts of the world. Regardless of where you are geographically, the Internet has no border. It is the same Internet that every country and every hacker connect to.
Such tragedy could have been avoided at a minimal cost. Undeniably, overall information technology standard in Indonesia is rather poor, leaving entrepreneurs helpless and their business without protection. Hackers know this too and they use it to their advantage. This is where AFC steps in. We deliver international quality IT services to small-medium-businesses. It is not the fault of the notary or the Canadian, they are the victims. But there are things they could do better to prevent it.
The CanadianHis computer and mobile devices should be threat-free. By threats I mean spyware, malware, trojan, exploits, tracking tools, hijack tools, keyloggers, adware, dangerous apps, malicous websites, worms, and scripts. One way to make sure is to use a good anti-virus.
He should know how to read an email address as they can be masked, how to treat spam - email or SMS, what social engineering is and what techniques are used - the most common is impersonation. Topics such as these and many more are covered in a security awareness training.
Verify by phone or video call with the notary when he received new instruction to send remaining payments to a different bank account
The notaryStaff should receive the same security awareness training
Notary or any business should not be using a free email service
Email system must use a good anti-virus and a spam filter
Staff should change password frequently and it must meet password complexity
Computers should use a good antivirus and not be using pirated software
The business network should have a robust intrusion prevention firewall that blocks malicious app install, checks web ratings and reputation, blocks IP by geographic, uses a content filter and a sandbox, and actively scans network traffic for suspicious patterns
These security policies need to be enforced and checked frequently in the ever-changing battle against cyberattacks. Additionally, all devices need to be maintained regularly. This is what AFC IT Support do - we handle your network so you can focus on your business.
The notary stands to lose the most as this incident may forever damage their reputation. How much future business will they lose? That’s the true cost.
Contact us to see how we can help you. The time to act is now, before it’s USD $100,000 too late. Or more.
Translated Source: