The Facts
We look at how a local government employee fell victim to a phishing email that led to the fraudster being able to gain access to their email account and trick the finance department into transferring a large sum. In this case, the employee received an email purporting to be from Microsoft. The email explained that the employee's email account details needed to be verified for them to continue to use Outlook without disruption. However, by inputting their credentials the employee had inadvertently passed her details on to a fraudster.
|
|
The Result
With access gained, the fraudster got involved in an original email chain surrounding an invoice worth hundreds of thousands. By communicating from seemingly identical email address, along with a plausible excuse for changing the account details temporarily, the fraudster was able to persuade the city's finance department to transfer the money to their fraudulent account. Read the full claim scenario |