The scammers had insider knowledge of the deal between Lazio and Feyenoord for central defender Stefan de Vrij- they found that Lazio still owed Feyenoord € 2million. With this information, they proceeded to email Lazio requesting the funds and the bank account where the funds should be sent to. The seemingly legitimate email deceived officials at Lazio who transferred approximately €2 million to the account.
Only when Lazio directly contacted Feyenoord they realized they had been scammed. Feyenoord denied any knowledge of communication or payment from the Serie A team. From there, Italian prosecutors tracked down the Dutch bank account and realized it was not held by anyone at Feyenoord. Currently, the team is working on recovering the funds.
Unfortunately, Lazio isn’t the only organization that fell for a high-value phishing scam. Last year, employees at Facebook and Google were scammed for $100 million. The hack was held out by Lithuanian hacker, Evaldas Rimasauskas. Rimasauskas posed as a trusted Taiwanese manufacturer that both firms work with. To successfully carry out the attacked he created fake emails, invoices and directly emailed employees asking for invoices to be paid.
Phishing tactics are extremely popular with hackers as employees are usually the weakest link in a cyber-security network. For further articles on phishing and how you can protect your business consult our blog here:
Don’t forget to register for our 4th annual Camp Secure Sense here. Camp Secure Sense is geared towards helping Canadian IT Security professionals improve their security practices, and better protect their organization. Don’t wait, Camp is over 90% booked!