Security

BEC attack: Nikkei employee transfers $29 million to scammers

The company has filed a damage report with investigative authorities in the US and Hong Kong.

The leading financial media organization in Japan and owner of the Financial Times Nikkei has admitted that it suffered an embarrassing Business Email Compromise (BEC) or commonly known as BEC attack.

What is Business Email Compromise (BEC)?

BEC is a scheme in which cyber criminals compromise email addresses of known people in the company to scam them into wiring a large sum of money to bank accounts owned by malicious elements or a scheme in which scammers send fake emails to convince victims into transferring a large sum of money into their bank account or wiring address. 

BEC attack against Nikkei

The company released an official statement explaining that it lost $29 million in a cyber-fraud after an employee at its US subsidiary mistakenly transferred money following “fraudulent instructions by a malicious third party.” Headquartered in Tokyo, Nikkei is a data provider, TB broadcaster, and newspaper firm. 

As per the company’s official statement, the erroneous transfers took place in late September 2019 when a Nikkei America, Inc. employee transferred money to a scammer who claimed to be Nikkei management executive. Approx. $29m were transferred from Nikkei America funds.

See: BEC attack – Wicked scammers steal $1 million from Save the Children charity

Nikkei America soon realized that they have become victims of cyber fraud. The company has filed a damage report with investigative authorities in the US and Hong Kong, the destinations from where the fraud originated, after engaging lawyers in determining the hidden facts of the attack.

“Currently, we are taking immediate measures to preserve and recover the funds that have been transferred, and taking measures to fully cooperate with the investigations,” the company explained.

Nikkei isn’t the only bigwig in the list of firms that have been deceived into transferring huge sums of money to cybercriminals. Previously the likes of Facebook and Google have also experienced the same. In the incident, Google and Facebook were tricked by a Lithuanian man who impersonated as an employee of a famous Asian company. The scammer was using phishing emails to collect the details of wire transactions and other relevant details just to make his case more believable – In the end, he scammed both companies with $100 million.

It isn’t also the only Japanese firm to be targeted by cybercriminals as in 2008 Lehman Brothers sued Marubeni trading house for fraud of $352m.

The loss is definitely a big blow to Nikkei as the company is already experiencing a considerable decline in sales. Reportedly, in recent years it has recorded a 20% year-on-year decline in its net profit to £36m/¥5.1bn. Nikkei, which is also responsible for the Nikkei 225 stock index, is taking necessary steps for recovering the lost funds. 

The latest stream of cyber frauds reflects the way cybercriminals and scammers are employing rather sophisticated tactics to target international firms and successfully stealing large sums. It is worth noting that BEC attacks cost a combined loss of $1.3bn in 2019 to firms across the world.

Did you enjoy reading this article? Like our page on Facebook and follow us on Twitter.

You Might Also Like

Leave a Reply