Nikkei, one of the largest media companies in Japan, with an empire spanning broadcasting, digital media, magazines, and newspapers such as the Financial Times, says that its US subsidiary, Nikkei America, has been scammed out of $29 million.
In a press release, the largest independent business media group in Asia which lends its name to Japan’s leading stock index, revealed that an employee of its American subsidiary had been fooled into transferring the money into a bank account after a fraudster posed as a Nikkei management executive.
The scammer struck in late September, adding Nikkei America to the long list of well-known organisations who have been duped in recent years via business email compromise.
Just a few months ago, the Financial Crimes Enforcement Network (FinCEN), part of the US Department of the Treasury, warned that in less than two years it had documented 32,000 cases of attempted theft via Business Email Compromise (BEC), amounting to a staggering $9 billion since September 2016.
The most elementary BEC scam sees fraudsters impersonate company executives via email in an attempt to dupe workers into transferring funds.
In other attacks, the scammer may pose as a vendor and, after spying on email accounts to learn about suppliers and projects, send a fraudulent invoice which requests payment to a bank account under the control of a criminal.
Technology can play a part in making it harder for BEC scammers to succeed in their attempts to steal millions of dollars, but it should always be accompanied by staff training and a framework of policies and procedures that are followed by every worker inside a company – regardless of their seniority.
Although Nikkei says that it recognised that it had likely been the victim of fraud “shortly after”, it unfortunately wasn’t quick enough to prevent $29 million from being stolen.
According to Nikkei, it is “taking immediate measures to preserve and recover the funds that have been transferred, and taking measures to fully cooperate with the investigations.”
tags
Graham Cluley is an award-winning security blogger, researcher and public speaker. He has been working in the computer security industry since the early 1990s.
View all postsNovember 14, 2024
September 06, 2024