The Lincoln Project, a US political action committee (super PAC), fell victim to a business email compromise (BEC) attack that defrauded them of $35,000.
BEC scams are widespread and primarily affect businesses and organizations. In a nutshell, hackers impersonate another enterprise or person and trick the victims into paying false invoices, making changes to existing payments, and many similar scenarios.
These scams all start the same. Somehow, hackers take over a legitimate email, which helps give their request an air of legitimacy. Scams vary in complexity, but criminals may even go so far as to set up spoofed websites and even deploy malware.
According to a RawStory report, criminals took over an email belonging to a vendor and sent false invoices to multiple other organizations, including The Lincoln Project.
"A vendor's email was hacked, with the hackers producing authentic-looking invoices that were sent from our vendor's legitimate email account. The hack affected multiple clients of the vendor, including Lincoln Project," spokesman Greg Minchak told Raw Story. "Transactions did not impact our operations in any way in the fight for a democratic future for our nation."
Of course, the affected organization immediately took action and notified the bank that they had made fraudulent payments following a BEC attack.
"This included notifying our bank's fraud department and implementing new procedures to confirm invoices and payments. Since it was the vendor that was hacked, we are letting them and our bank's fraud department lead any investigation."
The organization lost $35,000, but the investigation is still ongoing. The Lincoln Project did not reveal the name of the affected vendor that sent the fraudulent invoices to multiple other organizations.
tags
Silviu is a seasoned writer who followed the technology world for almost two decades, covering topics ranging from software to hardware and everything in between.
View all postsDecember 24, 2024
December 19, 2024
November 14, 2024