Company Pays $2.1 Million to Fraudsters in BEC Scam

Exploit: Business Email Compromise, Email Breach
Company: Waterloo Brewing Company
Industry: Food and Beverage
Location: Kitchener, ON
Source: https://www.cbc.ca/news/canada/kitchener-waterloo/waterloo-brewing-cyberattack-1.5367658

A business email compromise (BEC) attack has resulted in the Waterloo Brewery Company losing a total of $2.1 million in fraudulent wire transfers. Although the brewery believes that their system was not breached and no personal data is at risk, the financial toll was immensely heavy. Fraudsters impersonating a creditor tricked an employee into responding to emails requesting wire transfers. The emails were said to look genuine and even had company invoices attached. Remediation has begun and the brewery has taken appropriate steps to notify the proper authorities. While initiating new protocols and internal systems, Waterloo Brewery Company is now trying to recover the lost funds, however there is no guarantee and the attempt could be in vain.

BEC and other social engineering tactics are being more frequently used by cyber criminals as they imitate a trusted source to interact with and manipulate their victim into giving them network access to; steal confidential information, deploy ransomware, and financially defraud organizations and customers. With cyber criminal activity rising, it is crucial for organizations of all sizes to remain vigilante and follow policies and best practices when communicating with external & third party organizations, and handling urgent/unusual internal requests for payment via email.

Do you need help protecting your staff with Microsoft 365 security?

Microsoft office products are widely used across most business making Microsoft 365 the most targeted platform. With concerning trends of exploiting businesses through email fraud and other hidden vulnerabilities in their Microsoft Office apps, it is important to know how you can protect your staff and your business to any potential threats for Microsoft 365.

Read more about Microsoft 365 Security Today

Previous
Previous

$1.04M Lost in Business Email Compromise Scam