Fast Resolution to a Simple Case of Email Fraud Protected Our Client’s Reputation
Incident: Business Email Compromise
Business email compromise led to athletes from one of Australia’s national sports bodies being accused of fraud and detained at the airport and accused of failure to pay invoices. A rapid investigation cleared their name and recovered their money.
- Criminals targeted a local catering business with an email compromise attack.
- Minor changes to email addresses and payment details led to payments being made honestly to the incorrect accounts.
- A local catering company filed complaints with governments bodies and caused the Australian athletes to be detained and questioned at the airport.
Our client NS is a unified national sports body in Australia. The sports association regularly tours overseas for major international sports events. Recently, a team of 40+ athletes participated in a regional championship competition in one of the countries in an ASEAN nation. It was a one-week trip and a local catering company at the competition destination was engaged to provide food for the athletes. Before travelling, everything seemed to be in order.
A deposit was paid,and the team travelled to the location.During the event, the caterer realised no deposit payment had been received. The local catering company became increasingly distraught and filed complaints with local authorities over the non-payment of invoices. The situation came to a head when the team was detained and questioned at the airport.
After the team returned home, Pragma was hired to investigate the situation and clear the organisation’s name.
- The local catering company was using ad hoc, non-commercial email.
- A short investigation revealed two PDF invoices had been subtly altered.
- Further communications with the caterers, local government, and insurers led to a recovery of the costs of the attack.
NS contacted their insurer to claim the losses, and Pragma was hired to investigate the incident. Pragma looked through various email exchanges between the caterer and NS. Two tampered PDF invoices were identified.The cybercriminal hacked into the caterer’s email, intercepted the email exchanges, edited the banking details of the first invoice, and sent it out while disguised as the caterer.
The entire investigation was conducted within the space of 5 hours. A full report was sent to the insurers. Resolution, including the recovery of the incorrect payments, happened swiftly.
Business Email Solutions
Email Logs and History
Fraud and Cyber Crime Insurance
NS suffered a potentially damaging attack on their reputation. The local caterer unwittingly blamed NS for losses. Thanks to Pragma’s rapid investigation, the fraud was revealed. Two payments totalling AUD 18,000 were recovered. NS’s reputation was restored, and more international tours can be planned.