An FIR in the case was registered at Wanawadi police station last week by the founder and CEO of the Pune-based firm. Pune Police is investigating the case. The cybercriminals used a method known as a “man-in-the-middle” attack to trick the Pune firm.
What is “man-in-the-middle”?
A man-in-the-middle (MiTM) attack is a type of cyber attack in which the attacker secretly intercepts and relays messages between two parties who believe they are communicating directly with each other.
What is the Case/Incident?
The Pune-based engineering firm had been in touch with a French company, and an order for over 51,000 euros was placed with the French company's sales manager over e-mail.
What Happened Next?
The Pune-based firm had placed an order of over 51,000 euros with a French-based company between January and early February this year. The order was sent to the email address of a sales manager of the company, with whom the Pune-based firm had been in contact for several years.
What was the Scam?
The firm then received a revised email stating that the regular bank was not accessible, so the payment needed to be made to a new account headquartered in Lisbon. Trusting the communication, the executives of the Pune-based company paid an advance of 24,589 euros to the new Portugal-based bank account.
However, after a few weeks, when the Pune-based company reached out to the French firm to inquire about the equipment shipment, officials from the French company stated that they had not yet received the payment. This raised suspicions, prompting verification of previous communication.
Later it was found that the changes in the account details were from a fraudulent email address that was different from the legitimate email address.
What were the changes in the accounts?
The email address had been changed, and the company failed to notice a single-letter difference: the fraudulent address differed from the legitimate email address of the French entity by just one letter (an “a” instead of an “e”).
What needs to be done to avoid such scams?
Cybercrime officials have said the following steps should be followed:
- Regularly review the mailing systems.
- Add digital signatures in email communications.
- Keep updated on ongoing cyber frauds or risks.
- Always confirm new banking details through direct or phone conversations with authorized personnel during monetary transactions.
- Verify the authenticity of domain names when interacting with businesses via email.
- In case of cheating, the cybercrime cell should be immediately contacted, possibly within 48 hours.
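The single-letter address swap described above is the kind of change a mail gateway or accounts team can check for automatically. The following is an added example, not part of the original report: it compares a sender address against a list of verified contacts and flags near-matches. The addresses, the `KNOWN_CONTACTS` list, the function names and the distance threshold are all assumptions made for illustration.

```python
"""Flag sender addresses that nearly match a verified contact (constructed data)."""

# Assumption: the firm keeps a list of verified counterparty addresses.
# The address below is a constructed placeholder on a reserved test domain.
KNOWN_CONTACTS = {"sales.manager@example-supplier.test"}


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance: minimum single-character edits turning a into b."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, start=1):
        cur = [i]
        for j, cb in enumerate(b, start=1):
            cur.append(min(
                prev[j] + 1,               # delete ca
                cur[j - 1] + 1,            # insert cb
                prev[j - 1] + (ca != cb),  # substitute (free if equal)
            ))
        prev = cur
    return prev[-1]


def classify_sender(sender: str, known=KNOWN_CONTACTS, max_distance: int = 2) -> str:
    """Return 'known', 'lookalike' or 'unknown' for a sender address."""
    sender = sender.strip().lower()
    contacts = {k.lower() for k in known}
    if sender in contacts:
        return "known"
    # Close to a verified address but not identical: treat as impersonation.
    if any(edit_distance(sender, c) <= max_distance for c in contacts):
        return "lookalike"
    return "unknown"


if __name__ == "__main__":
    for addr in (
        "sales.manager@example-supplier.test",   # exact match
        "sales.manager@example-suppliar.test",   # constructed: "a" instead of "e"
        "newsletter@unrelated.test",             # unrelated sender
    ):
        print(f"{addr:42} -> {classify_sender(addr)}")
```

A message classified as `lookalike` that asks for changed bank details should be held until the new details are confirmed by phone with authorized personnel, as the list above advises.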