Case Study: Company hit by email fraudsters

A business savvy company lost over £12,000 to email fraudsters.

We all like to think that this wouldn’t happen to us, we would spot a fake email, we would do more
checks etc. In the real world however, hackers are getting better at impersonating and manipulating
people.


Our clients have been running their Lancashire based business since 1997. Bandicoot provided them
with IT support since July 2018 with our basic package which includes antivirus, managed security
updates and “pay as you go” IT Support.


In April 2022 a member of staff unfortunately entered their Microsoft 365 login details in a fake site
after receiving a phishing email. The hacker proceeded to use the credentials to send emails from
the compromised mailbox with the intention of spear phishing a contact of theirs, probably to have
any outstanding payments redirected to their bank account.


Bandicoot locked the hacker out immediately by resetting the client’s passwords and advised that
we enable Multi Factor Authentication on all accounts, which the client agreed to. They also agreed
to consider upgrading their subscription to our Peta package so that we can filter their emails and
provide staff with phishing awareness training etc.


A quick upgrade would have proved a good investment for our clients because although their
mailbox was now safe from future hacking, the hacker had already been into their mailbox and
found information about their suppliers. Armed with this information, the hacker was able to get to
work on some clever social engineering to use in a spear phishing attack. He/she put a lot of time
and effort into creating a domain name and signature that closely resembled the suppliers. The
hacker then opened dialogue, impersonating a trusted, long-standing supplier, following on from an
earlier conversation regarding outstanding statement.


Communication went on for several days, using duplicitous charm and patience, followed by
pressure, insinuations about the company’s ability to pay and integrity; all designed to create
emotion and prevent our clients from responding in a calm and logical way. At one point our client
did ask for copies of invoices to check against their accounts. Although the hacker did not actually
have any current information about the account, he/she was ready with an excuse i.e., that their
‘systems were down’ and couldn’t forward copies of invoices at that time.


Using these tactics, the hacker got our client to identify the outstanding amount and send payment
to a new bank account.


Following their initial security breach, our clients were unfortunately too busy with end of year
accounts to focus on upgrading their IT support subscription to our Peta package. They got in touch
after they were duped by a cloned email and had sent £12,400.00 to an imposter.


Bandicoot looked at the email conversation and immediately spotted the switch in domain name.
Passwords were all reset again, PCs were scanned by two antivirus engines and a recommendation
again to switch to our security focussed IT Support package – Peta.


There are valuable lessons to be learned from this case study about recognising the vulnerability of
your people, and commissioning appropriate IT Security to stay ahead of the fraudsters. We
recommend that all clients subscribe to our Peta package which has several security benefits as well
as unlimited remote support, making staff more likely to call us with concerns, rather than be
concerned about the time and price.


Peta clients also receive automatic Office 365 backups for their mailboxes, OneDrive SharePoint and
Teams. They receive phishing awareness training, a mouse mat to remind them of the five rules to
respond to an email and email filtering which captures most scam emails before they even reach
your mailbox.


To find out more about our IT support packages visit www.bandicoot.co.uk


To receive a free copy of our Cybersecurity booklet visit www.bandicoot.co.uk/booklet

Related Resources