Ubiquiti Networks Inc., the San Jose-based manufacturer of high-performance networking technology for service providers and enterprises, announced in its fourth-quarter fiscal results that it was the victim of a business email fraud incident resulting in the loss of $39.1 million.

In its Form 8-K filing to the SEC, the company stated that it became aware on June 5th, 2015 that it was the victim of a "criminal fraud". It appears a member of staff in one of its subsidiary companies, based in Hong Kong, fell victim to what is known as a "CEO scam" or a "Business Email Compromise (BEC)" attack.

As outlined in this Brian Krebs post, a CEO scam is where criminals either hijack or impersonate the email account of a senior member of staff within the organization. They then target someone in the finance department, or someone who has authority to initiate wire transfers, and fool them into transferring large amounts of money from the company's bank accounts into bank accounts controlled by the criminals. Very often the emails will state that a vendor, or another entity the target company deals with, has changed its banking details and that future payments should be transferred to the accounts the criminals control.

In its SEC filing, Ubiquiti Networks outlines how the fraud occurred: "The incident involved employee impersonation and fraudulent requests from an outside entity targeting the Company's finance department. This fraud resulted in transfers of funds aggregating $46.7 million held by a Company subsidiary incorporated in Hong Kong to other overseas accounts held by third parties." When it became aware of the fraud, Ubiquiti Networks contacted its financial institutions and law enforcement agencies.
So far it has recovered $8.1 million of the stolen money, with an additional $6.8 million "currently subject to legal injunction and reasonably expected to be recovered by the Company in due course".

Ubiquiti also conducted its own independent investigation, with the assistance of external third parties, which concluded on July 17th. That investigation "uncovered no evidence that our systems were penetrated or that any corporate information, including our financial and account information, was accessed. The investigation found no evidence of employee criminal involvement in the fraud", but it did find that "the company's internal control over financial reporting is ineffective due to one or more material weaknesses." The company has subsequently "implemented enhanced internal controls over financial reporting since June 5, 2015 and is in the process of implementing additional procedures and controls pursuant to recommendations from the investigation".

Ubiquiti is not the first company to fall victim to such an attack. These attacks have become so common that in January of this year the FBI issued a warning to businesses to be aware of them. In its warning the FBI states that there were 2,126 victims of this type of fraud between October 2013 and December 2014, 1,198 of them in the United States, with losses totalling up to $214,972,503.

The FBI gives the following advice to avoid falling victim to this scam:

Avoid Free Web-Based E-mail: Establish a company web site domain and use it to establish company e-mail accounts in lieu of free, web-based accounts.

Be careful what is posted to social media and company websites, especially job duties/descriptions, hierarchical information, and out-of-office details.

Be suspicious of requests for secrecy or pressure to take action quickly.

Consider additional IT and financial security procedures and 2-step verification processes. For example:

Significant Changes: Beware of sudden changes in business practices.
For example, if a current business contact suddenly asks to be contacted via their personal e-mail address when all previous official correspondence has been on a company e-mail, the request could be fraudulent. Always verify via other channels that you are still communicating with your legitimate business partner.

Out of Band Communication: Establish other communication channels, such as telephone calls, to verify significant transactions. Arrange this second-factor authentication early in the relationship and outside the e-mail environment to avoid interception by a hacker.

Digital Signatures: Both entities on either side of transactions should use digital signatures. However, this will not work with web-based e-mail accounts. Additionally, some countries ban or limit the use of encryption.

Delete Spam: Immediately delete unsolicited e-mail (spam) from unknown parties. Do NOT open spam e-mail, click on links in the e-mail, or open attachments. These often contain malware that will give subjects access to your computer system.

Forward vs. Reply: Do not use the "Reply" option to respond to any business e-mails. Instead, use the "Forward" option and either type in the correct e-mail address or select it from the e-mail address book to ensure the intended recipient's correct e-mail address is used.

Given the impact such an attack can have on a business, it would be prudent for companies to review their internal financial controls and ensure effective security awareness training is given to staff with key roles in the organisation. Two points are worth stressing in that training: a request to change a vendor's banking details should be confirmed by calling a number already on file, never one supplied in the e-mail itself, and the "Forward vs. Reply" rule exists because a Reply goes to whatever Reply-To address the sender set, which in a BEC message is the criminal's mailbox regardless of the name shown in the From line.
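As an added example, and not code from the article, the FBI or Ubiquiti, the following Python script triages an inbound message for the tells the advice above describes: a Reply-To that diverts replies away from the apparent sender, a sender domain one or two characters away from the company's own, an executive's display name on an address that is not the vetted one, a reply that would not reach the address-book entry, and the secrecy or urgency language the FBI warns about. The company domain (example.com), the address book and the three sample messages are all constructed for illustration; the third sample shows why the domain checks alone are not enough when a real executive account has been hijacked rather than impersonated.

```python
"""Triage inbound mail for the CEO-scam / BEC tells described in the FBI advice.

Added example; the company domain, address book and sample messages below are
constructed assumptions, not data from the article or from any real incident.
"""
import email
from email import policy
from email.utils import parseaddr

COMPANY_DOMAIN = "example.com"          # assumption: the organisation's real mail domain
ADDRESS_BOOK = {                        # assumption: vetted addresses of people who may authorise payments
    "jane doe": "jane.doe@example.com",
}
PRESSURE_PHRASES = (                    # secrecy / urgency language typical of the scam
    "urgent", "confidential", "keep this between us", "wire",
    "new bank", "banking details", "before close of business",
)


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance; used to catch domains one or two typos away from ours."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def domain_of(addr: str) -> str:
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""


def reply_target(msg) -> str:
    """Where a plain 'Reply' would actually go: Reply-To wins over From."""
    _, reply_to = parseaddr(msg.get("Reply-To", ""))
    _, sender = parseaddr(msg.get("From", ""))
    return (reply_to or sender).lower()


def triage(raw: str) -> list[str]:
    """Return the list of BEC indicators found in one RFC 822 message (empty if clean)."""
    msg = email.message_from_string(raw, policy=policy.default)
    findings = []
    display_name, sender = parseaddr(msg.get("From", ""))
    sender = sender.lower()
    sender_dom = domain_of(sender)
    target = reply_target(msg)

    # 1. A Reply-To on another domain is how a spoofed From still gets the
    #    victim's answers back to the criminal.
    if domain_of(target) != sender_dom:
        findings.append("reply-to-diverts-to-other-domain")

    # 2. Sender domain is a near miss of ours (examp1e.com, exarnple.com, ...).
    if sender_dom != COMPANY_DOMAIN and edit_distance(sender_dom, COMPANY_DOMAIN) <= 2:
        findings.append("lookalike-sender-domain")

    # 3. A known executive's display name on an address that is not the vetted one
    #    (covers impersonation from free webmail as well as lookalike domains).
    known = ADDRESS_BOOK.get(display_name.strip().lower())
    if known and sender != known:
        findings.append("executive-name-on-unknown-address")

    # 4. The "Forward vs. Reply" point: a Reply would not reach the address-book entry.
    if known and target != known:
        findings.append("reply-would-not-reach-address-book-entry")

    # 5. Secrecy and urgency language in subject or body.
    body = msg.get_body(preferencelist=("plain",))
    text = (msg.get("Subject", "") + "\n" + (body.get_content() if body else "")).lower()
    if any(p in text for p in PRESSURE_PHRASES):
        findings.append("pressure-or-secrecy-language")
    return findings


# Constructed sample messages (not real mail).
LEGIT = """From: Jane Doe <jane.doe@example.com>
To: Payments <ap@example.com>
Subject: Q3 vendor payment schedule

Please see the attached schedule and raise any questions in Thursday's meeting.
"""

IMPERSONATED = """From: Jane Doe <jane.doe@examp1e.com>
Reply-To: Jane Doe <jane.doe.ceo@webmail.example>
To: Payments <ap@example.com>
Subject: Urgent - confidential wire

I am in meetings all day and cannot take calls. Our vendor has new bank details;
please send the $250,000 payment before close of business today. Keep this between us.
"""

HIJACKED = """From: Jane Doe <jane.doe@example.com>
Reply-To: <jane.doe.travel@webmail.example>
To: Payments <ap@example.com>
Subject: Payment instruction

Treat this as confidential. I will send the new bank details of the vendor shortly.
"""

if __name__ == "__main__":
    for label, sample in (("legit", LEGIT), ("impersonated", IMPERSONATED), ("hijacked", HIJACKED)):
        print(f"{label:>12}: {triage(sample) or 'no indicators'}")
```

The hijacked sample passes checks 2 and 3 because the From address really is the executive's, which is exactly the case where a telephone call to a number already on file, rather than any header check, is the control that matters.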