Hacker waits undetected before attempting to steal client funds

  • Posted by Andrew Kelly
  • On February 19, 2020

“I am not in the office today, my boss has advised that I requested money today and I haven’t.  I want to get this cleared up as soon as possible.”

This phone message was left by an alarmed Staff Member of one Client on a Friday afternoon at 4:21pm. As they use the AddCash line of credit service they are able to request money at any time to cover business outgoings such as wages, supplier payments and taxes.

Earlier in the day the AddCash Manager had received an email directly from the Staff Member titled “Urgent Funds” which read:

“Please confirm how much funds available. An urgent payment needs to be settled”.

The AddCash Manager advised by return email that $5k was available and would transfer this amount at 3:00pm. Immediately before funds were due to be processed the Staff Member emailed again:

“Please transfer $5k to the below. Will send docs later.” A new bank account number was detailed in the email below complete with account name and number, institution and branch contact information.

A quick phone call revealed the Staff Member was not in the office that day. Their Boss said they must be working from home and if they have requested funding to please send anyway to the normal bank account.

Funding was processed and the AddCash Manager emailed the Staff Member to advise money could only be transferred to the bank account verified for the Client’s business. This email and earlier emails were never received.

After a phone call from their Boss, the Staff Member left the alarming phone message at 4:21pm. The AddCash Manager quickly returned the call and shared details of the email exchange earlier that day. An intended day off leading into the weekend had become a complete disaster. There were so many unanswered questions.

An IT specialist had to be engaged who later revealed that the Staff Member’s email had been hacked. A rule had been created by the Hacker to automatically delete all emails from AddCash. They then communicated directly from the email account impersonating the Staff Member.

It became clear that the Hacker was undetected for some time, waiting and monitoring the Staff Member’s emails. They identified AddCash as a funding source and singled out the Manager as the key contact who could authorise funding requests. We also believe it was an intentional strategy by the Hacker to instigate their attack on a Friday afternoon to change the bank account details at the last possible moment.

In this example, AddCash's strict policies stopped funds getting into the wrong hands. How prepared are you and your clients at preventing serious cyber threats?

Cyber threats are serious and growing and will change the way businesses are assessed for finance by all Lenders. Asset values and serviceability will not be enough. Lenders will require assurances that money will not disappear. 

Please contact us should you like to more about how AddCash Customer Invoice Finance can assist your business.


Free eBook: Is Customer Invoice Finance right for your business?