July 8, 2015 at 23:32Hedge Fund Loses $ 1.2 Million Due to Phone Scammer
The London hedge fund Fortelus Capital Management was the victim of a telephone fraudster who was able to steal $ 1.2 million using social engineering, writes The Secret of the Company. The method by which an attacker was able to steal money has long been known - here the "weak link" is not a computer system, program or hardware, but a person, in this case an employee of the fund.
The attacker called Fortelus Capital Management and introduced himself as an employee of Coutts private bank. At the same time, the fraudster said that he revealed some unauthorized actions with the bank accounts. Fund’s chief financial officer Thomas Meston generated special codes for the subscriber, with the help of which the “bank employee”, in his own words, canceled 15 suspicious payments. The next day, it turned out that the “bank employee” was able to steal $ 1.2 million using the same codes.
After the fraud was revealed, the Fortelus Capital Management fund demanded compensation from its financial director. Thomas Meston has already given over $ 100 thousand, and will work for a long time both without wages and without bonuses.
According to information security experts, this case clearly shows that the weak link in the system may not be technology, but a person. “Employees of the companies believe that only the software package is responsible for security, but in reality it is not at all,” said Jason Ferdinand, director of the MBA course on cybersecurity, director of Coventry University.
The attacker called Fortelus Capital Management and introduced himself as an employee of Coutts private bank. At the same time, the fraudster said that he revealed some unauthorized actions with the bank accounts. Fund’s chief financial officer Thomas Meston generated special codes for the subscriber, with the help of which the “bank employee”, in his own words, canceled 15 suspicious payments. The next day, it turned out that the “bank employee” was able to steal $ 1.2 million using the same codes.
After the fraud was revealed, the Fortelus Capital Management fund demanded compensation from its financial director. Thomas Meston has already given over $ 100 thousand, and will work for a long time both without wages and without bonuses.
According to information security experts, this case clearly shows that the weak link in the system may not be technology, but a person. “Employees of the companies believe that only the software package is responsible for security, but in reality it is not at all,” said Jason Ferdinand, director of the MBA course on cybersecurity, director of Coventry University.