Online security is an issue that has increasingly become a priority for businesses as we transfer more of our work onto digital channels. The threat of cyber crime isn’t to be taken lightly, as proven by the recent attack on three British private equity firms. The firms were deceived into making payments worth a total £1.1 million to a hacker called The Florentine Banker. An Israeli cyber-security company, Check Point, carried out an investigation into the attack and found that the firms had been targeted over several months in a phishing attack. After four attempts were made to wire the money to fraudulent bank accounts an emergency intervention was launched. They managed to recover £570,000 but the rest of the money was permanently lost.
Cyber criminals like The Florentine Banker focus their efforts on senior executives or those in charge of money transactions. In this recent attack, the first phishing emails targeted just two staff members, one of which one gave their credentials to the attacker. As time passed, the attackers used different methods to target new people that would give them a clearer picture of the firms’ financial positions. Richard Horne, a cybersecurity-focused partner at PwC said, "They try to lure someone in to clicking on a link that lets them download some malicious code onto their laptop, or they trick someone into entering usernames and passwords that allow the attacker to log on”.
It was revealed in a 2018 survey by PwC that cyber threats concerned 41% of investors and analysts. This placed it top of the list of largest threats to a business, an increase from fifth place the previous year. Horne said, "Private equity and venture capital [firms] have become a lucrative target for [business email compromise] operations," VC firms' involvement in large money transfers "makes them the perfect target to introduce new and fraudulent transactions”. Now, more than ever, it is important to remain vigilant in verifying your contacts and banking arrangements before making any payments.
NCM have introduced increased security measures to try and mitigate any increased risk in the current scenario and give clients added comfort where all are working remotely. However we are not complacent and ensure all staff are alert to the need for increased awareness in this area as ever changing. Sadly, as the world is in crisis some take the opportunity to further their criminal activities.
Source | Pitchbook