A 30-year old scrap processor was hoping not to be in a national Newspaper article about what not to do with your information security.
Some Nigerians set up malware on the unsuspecting Metals scrapper computers. So now the malware stole the email password and other email information. Then the Nigerians did what all Nigerian spammers are good for:
Sent a fraudulent email that asked for transfer of money to a fraudulent supplier (them), not the companies that normally sell scrap from Europe.
In my mind this story speaks of several problems that Mr. Megdal of Mega Metals had (as well as 25 other Dallas companies) with a potential stolen amount of $100million. They believed their computer emails without question, sent a lot of money without verification of new clients. And of course had malware that took access from areas thought “secure” or likely not even thought about.
Lessons taken from here:
1. The computer you are on is not always 100% trusted
2. Increase Cybersecurity capabilities.
3. Always build an additional monetary safeguard into transactions above a certain dollar amount.
I bring this up here to keep a level of skepticism in various transactions. It is good to verify sometimes, even if it takes a bit longer.
The criminals are getting wilier and are trying to score bigger hits. We need to be aware of this.
When reading the whole article you will notice that the Nigerians did not only hack the US companies, but the Italian companies who are the brokers to customers (Titanium scrap sellers).
The other item to know is that you have at most 72 hours to recover a fraudulent transaction. More time than that and it would be difficult if not impossible to get anything back.
We have to create better controls in this age of global knowledge, where everyone in the world knows who you are even the criminals that put together new ways to take your money. Sure you want global customers, but having verification of new clients is a good idea.
Contact Us to discuss this