It was enough to change a letter in the e-mail address to deceive a postal official and score a 5 million euro heist. The state company was robbed by a group of hackers through what is called a “Bec” (Business email compromise) attack, a fraud carried out through the falsification of company emails. The computer scammers replaced the “i” of the “@microsoft” domain with an “I”, leading the payment manager to make a mistake, who thus transferred the maxi amount to the IBAN indicated in the fake “@mlcrosoft” account.
5 million hit at the Post Office: the scam
The payment was intended for the purchase of some products of the well-known IT multinational: hackers intercepted the exchange of communications between Poste and Microsoftcopying the formatting of the US company’s emails to engineer the trap through a message completely identical to the original.
Except for that small detail of the “I”, which the official did not notice by authorizing the transfer to the request to pay “the last installment of the invoice on this new Iban” (here we reported the case of the theft of 60 thousand euros from the account by replying to a simple text message).
The episode dates back to April 14, 2017 and since then the investigators of the Postal Police have been hunting for hackers and the stolen money has gone around the current accounts of half the world in a few minutes. divided into many parts so as not to be identified and for this reason now almost impossible to trace.
The first stop on the €5m transfer was a bank in Slovakia. The sum was then divided into many amounts reclaimed by the hacker gang in seven different lenders scattered across Spain, Turkey, Bulgaria, Romania, Hungary, the United Arab Emirates and Hong Kong.
At that point the criminals had nothing to do but withdraw the cash from their respective branches.
Postal specialists are continuing thefraud and money laundering investigation, coordinated by the public prosecutor Eleonora Fini. A job that the prosecutor assures is leading to results.
“The deputy attorney’s office is busy with this case. We are confident, in the short term, that we will have positive results regarding this investigation”, explained criminal expert Angelo Nanni, who is following the investigation for Poste Italiane. “We are waiting – the lawyer specified – for the investigation to be closed”.
5 million blow to the Post Office: the Business email compromise (Bec)
Corporate email compromise scams (BEC) are well known by the FBI which reveals how in the United States the money stolen in this type of fraud far exceeds “Ransomware” cyber attacks in volume of money, even if the latter can get greater visibility and also cause greater inconvenience to public services (here we talked about the latest scam emptying account via QR code).
In the event of a BEC attack, cybercriminals hack into a corporate email account and use the access to send false invoices or trick payment of contracts, prompting companies, convinced they are making legitimate payments, to actually transfer the money to criminals (here we have explained how to recognize the “empty-account” sms scam while here we have reported the fake job offer scam).
