CASE STUDY

Fast Resolution to a Simple Case of Email Fraud Protected Our Client’s Reputation

OVERVIEW

Industry: Sports

Incident: Business Email Compromise

Business email compromise led to athletes from one of Australia’s national sports bodies being accused of fraud and detained at the airport and accused of failure to pay invoices. A rapid investigation cleared their name and recovered their money.

THE INCIDENT

SUMMARY

  • Criminals targeted a local catering business with an email compromise attack.
  • Minor changes to email addresses and payment details led to payments being made honestly to the incorrect accounts.
  • A local catering company filed complaints with governments bodies and caused the Australian athletes to be detained and questioned at the airport.

Our client NS is a unified national sports body in Australia. The sports association regularly tours overseas for major international sports events. Recently, a team of 40+ athletes participated in a regional championship competition in one of the countries in an ASEAN nation. It was a one-week trip and a local catering company at the competition destination was engaged to provide food for the athletes. Before travelling, everything seemed to be in order.

A deposit was paid,and the team travelled to the location.During the event, the caterer realised no deposit payment had been received. The local catering company became increasingly distraught and filed complaints with local authorities over the non-payment of invoices. The situation came to a head when the team was detained and questioned at the airport.

After the team returned home, Pragma was hired to investigate the situation and clear the organisation’s name.

THE RESPONSE

SUMMARY

  • The local catering company was using ad hoc, non-commercial email.
  • A short investigation revealed two PDF invoices had been subtly altered.
  • Further communications with the caterers, local government, and insurers led to a recovery of the costs of the attack.

NS contacted their insurer to claim the losses, and Pragma was hired to investigate the incident. Pragma looked through various email exchanges between the caterer and NS. Two tampered PDF invoices were identified.The cybercriminal hacked into the caterer’s email, intercepted the email exchanges, edited the banking details of the first invoice, and sent it out while disguised as the caterer.

The entire investigation was conducted within the space of 5 hours. A full report was sent to the insurers. Resolution, including the recovery of the incorrect payments, happened swiftly.

OUR RECOMMENDATIONS

Payment Confirmation

Confirm payment details with new clients by telephone or video conference.

Business Email Solutions

Implement proper email systems to protect your business from fraud and reputation damage.

Email Logs and History

Retain email records and logs to provide data for investigations if this becomes necessary.

Fraud and Cyber Crime Insurance

Insurance can help with covering the initial costs of an attack. Maintain insurance coverage to protect your funds.

THE RESULT

NS suffered a potentially damaging attack on their reputation. The local caterer unwittingly blamed NS for losses. Thanks to Pragma’s rapid investigation, the fraud was revealed. Two payments totalling AUD 18,000 were recovered. NS’s reputation was restored, and more international tours can be planned.

Previous Project
Next Project
Introducing Zero Upfront Incident Response Retainer
Learn more
This is default text for notification bar
Learn more