Podlaski Voivodship Roads Authority poorer by 3.7 million zlotys
We have repeatedly warned Bitdefender anti-virus software manufacturer about digital attacks on companies. However, it turns out that the simplest methods of extortion can seem to be the most effective in some cases. A few days ago , the Podlasie Voivodship Road Administration fell victim to a scam for PLN 3.7 million . According to the hazardnik.pl portal, PZDW computers have not been infected in any way, and the security firewalls have not been defeated. It was simply believed in a false document announcing the change of the account number to which the transfer was made.
The message, according to the source, was written on the contractor's corporate paper, along with the counterfeit signature of the president. Someone, a few days before the payment of remuneration for making a road investment, impersonated the contractor and sent the company information about changing the bank account number. The letter was prepared and prepared in a very reliable way: it had a stamp and a forged signature. It did not arouse anybody's suspicion, so the company was not called and this information was not verified. The case went to court and the prosecutor's office deals with it, but at the moment there are no suspects.
It was not disclosed on whose account the money went, but you can guess that the account was founded on fake data. An employee who made a transfer to a fake account, according to the source of poranny.pl, was immediately dismissed disciplinary. This may indicate the existence of some regulations on changes in counterparties' bank account numbers, because otherwise there were no grounds for dismissal.
A similar story happened two years ago in the Warsaw subway. Metro then lost 560 thousand. Golden. In a similar way, the Ryanair airline was also imported, which made a transfer to an incorrect account of $ 5 million. Thanks to the cooperation with the banks, it was possible to "block" money before it was paid out. Can PZDW also count on such help? We'll probably find out soon.
At the moment, the coverage of the losses will be charged to the voivodship budget, which may mean that the cash has been collected. It should be remembered that the change of the bank account number should be confirmed by an independent communication channel, eg by telephone to the contractor to the contact number entered in the contract, not a letter or e-mail to the contact person who is responsible for the order. It should also be remembered that companies are threatened with various dangers - as the Bitdefender software developer recently reported, French companies have been the victim of a spam attack, where a message was sent with an attached invoice, which in fact turned out to be a malicious program. Such a malicious program can not only extort user data, but also capture information about logging in to your bank account and others. That is why it is worth sensitizing employees to such messages and remember to update antivirus and anti-malware protection.
source: Bitdefender, based on article from www.niebezpiecznik.pl
Learn more about our offer
We use Google Cloud Translation and Gengo API’s to translate articles with exception of our comparative tests.