Spear Phishing in Omaha Tricked a Financial Controller into Sending $17.2 Million to China

The FBI was brought in to investigate at The Scoular Company after the controller wired $17.2 million to China through their accounting firm, KPMG.

  • The controller received emails from an address that resembled, but was not, the CEO’s official email address.
  • The controller was told not to tell anybody, on the grounds that doing so would infringe on SEC regulations.
  • The instructions were to contact KPMG and wire the money through them, using a (fake) email address and a (fake) phone number provided in the message.
  • The controller thought they were doing their due diligence by contacting their KPMG representative on the phone, who answered correctly.

The controller has since either been let go or left after the incident was uncovered.

How much does your company spend on security awareness? Enough to prevent a $17.2 million oops?

Read more on CSO Online along with recommendations from experts on what should have been done. Hindsight, right?
