Posts

The Cybercrime Files- Case #104: The Heavy Machinery Hacker

*This is a true account of a local cybercrime. However, the names of the victims and businesses have been changed to protect their identities. To learn more about Cyber Security Services in Akron, OH click here.


INVESTIGATIVE REPORT

OFFENSE: Email Fraud

VICTIM:  DDD Construction

LOCATION: Akron, OH

DATE: 2-20-19

LEAD INVESTIGATOR: Patrick Carroll

NOTES: Email fraud has been around since the earliest days of the internet. Today, it’s hard to go even a single week without receiving some sort of spam or chain letter.

Fortunately, most of us have a pretty good idea of what to look out for—if someone asks you to wire money or for your bank account number in an email; chances are it’s a phishing scam. And if you get an email saying that you’ve won the big sweepstakes…well, as much as we wish it were true, it’s pretty easy to conclude the sender is up to no good.

But what happens when you get an email from a trusted source asking you for money to complete a business transaction that has been in the works for several weeks?

In the case of DDD Construction, you get ready to send the money.

FINDINGS: DDD Construction is a small company based in Akron, Ohio looking to grow their operation. In order to meet customer demands and stay competitive in the market, DDD decided they needed a new piece of heavy equipment.

After weeks of shopping around, DDD found exactly what they were looking for. Phone calls were made, emails were sent, and the price was negotiated to $15,000.

Shortly after the price was agreed upon, DDD received an email from the seller asking DDD Construction to wire the $15,000 over immediately. They claimed to have another buyer interested in the machinery, and needed the money right away or would be forced to sell to the other interested party.

Even though this wasn’t standard practice for the seller the emails seemed legit and were written in the same style/tone as the previous emails.

Minutes before wiring over the money the CFO of the construction company called the seller to verify the transaction. The seller had no idea what he was talking about. The email had been sent from a hacker posing as the seller!

Find out if your company is vulnerable to a Cyber Attack with this Free Network Security Assessment.

CONCLUSIONS: Email scammers are getting more and more creative. In this instance, a cyber criminal hacked into DDD Construction’s email account and monitored all of their incoming and outgoing emails.

After reading the emails sent between the seller and DDD, the hacker posing as the seller, sent DDD Construction an email asking that the money be wired over (to his account- disguised as the seller’s business account) immediately. Because the hacker had been monitoring the emails all along he was able to mimic the seller’s writing style and voice, making it very difficult for DDD to suspect anything was wrong.

This type of scam is becoming more and more common and we’re seeing a lot of this email scam in Akron, OH lately. This isn’t the first instance we’ve come across of a cyber criminal hacking into a business email account and posing as a client or customer.

We have also been seeing similar instances of hackers posing as someone’s family member or friend and asking for financial help.

WHAT YOU CAN DO: If you have any doubts, double check- especially if money is involved. It can be very hard to distinguish between a real email and email fraud if a hacker is using a trusted email account from someone you know.

It only takes a few minutes to pick up the phone and verify that what was said in the email is true. Fortunately for DDD Construction they made the call, and it saved them $15,000!

Read more about ways you can protect your business with our Akron Cyber Security Services.

The Cybercrime Files- Case #103: An Offer too Good to Refuse!

*This is a true account of a local cybercrime. However, the names of the victims and businesses have been changed to protect their identities. To learn more about Cyber Security Services in Akron, OH click here.


INVESTIGATIVE REPORT

OFFENSE: Identity Theft & Home Invasion

VICTIM:  Mary & Joe Thomas (real names not used)

LOCATION: Akron, OH

DATE: 1-26-19

LEAD INVESTIGATOR: Patrick Carroll

NOTES: *This investigation is still in progress. Check back for updates on this case.

Mary and Joe Thomas love their West Akron home. Their kids grew up climbing the tall oaks in the backyard and there’s plenty of room for all six of their grandchildren to come stay in the summer. Many memories bless their house, and the Thomas’ cherish all the years they’ve lived here.

“It’s our home,” Mary says. “We’ve been here for over thirty years.”

Despite the memories and all of the personal touches the Thomas’ have added over the years, Mary and Joe came very close to selling their home– or at least that’s what they thought.

“The price was just too good to pass up,” Mary says. “We’re retired now and we couldn’t resist thinking about all of the things we could do with the money. Plus, we loved the idea of being able to invest that additional cash for our grandchildren’s future.”

How much money did it take for the Thomas’ to decide to sell their dream home? Exactly $1 million, offered through a local realtor by an undisclosed buyer.

FINDINGS: Mary and Joe Thomas were contacted by a realtor on behalf of an area man who saw and fell in love with their home.

“He said he just had to have it,” Joe remembers.

After much back and forth about if they should sell, the Thomas’ decided the offer was just too good to pass up. Agreements were made and paperwork was prepared. Before closing however, the buyer mentioned he wanted to do some construction on the home and his contractors needed access to the house so they could provide estimates. The buyer had a realtor, and as closing was only a few days away, the couple obliged.

Closing day arrived and the papers were signed, however no funds were transferred. Soon, the deal fell through.

A few days later, to their horror, the couple realized their identities had been stolen. The “contractors” who entered their home were actually scam artists who hacked into their computers and dug through personal files and documents in order to steal the Thomas’ personal information. There had been no interested buyer all along, only an identity thieves looking to prey on unsuspecting victims.

At time of reporting this case has still not been resolved. Let’s hope Joe and Mary get this figured out very soon.

CONCLUSIONS: Nearly every person I meet believes that identity theft won’t happen to them. The words “stolen identity” are so common in our daily conversations that we rarely bat an eye when we hear them.

But just because we’ve gotten so used to hearing the phrase, it doesn’t mean we should take the threat any less seriously. In fact, according to a study by WalletHub, Ohio ranks third in the nation in identity theft, and FIRST in the country for the amount of money stolen.

Let that sit for a moment.

Ohio leads every state in the amount of money lost through fraud related identity theft. That’s ahead of California, New York, Florida, and everyone else!

Why are Ohioans so vulnerable to identity theft? One theory is that maybe we’re too trusting and more willing than most people to give out our personal information online.

WHAT YOU CAN DO: You can start by being very careful with who you give you personal information to. If you’re using a credit card to make an online purchase, be certain that the website is credible and has the proper security measures in place.

Also, never give out your personal information on an unsecured WiFi network. If you must use public internet at a coffee shop, library, airport, etc., make sure you use a virtual private network (VPN) to protect your laptop or mobile device. This is especially important if you plan to share personal information or credit card numbers while online.

Here is some good information on setting up a VPN.

Please check back soon for updates on this case.

The Cybercrime Files- Case # 102: The $50,000 Email!

*This is a true account of a local cybercrime. However, the names of the victims and businesses have been changed to protect their identities. To learn more about Cyber Security Services in Akron, OH click here.


INVESTIGATIVE REPORT

OFFENSE: Email Hacking & Wire Fraud

VICTIM:  Property Management Company

LOCATION: Cuyahoga Falls, OH

DATE: 12-21-18

LEAD INVESTIGATOR: Patrick Carroll

NOTES: The moment I arrived on scene both the CEO and CFO of the property management company asked me the same question: “how in the world did this happen to us?” The harsh truth, I told them, is that cyber criminals are getting wiser and more deceitful by the day. As soon as you let your guard down, they’re right there to take advantage.

According to the CFO here’s what went down:

The CFO received and urgent email from the CEO asking that he wire $50,000 immediately into a client’s account. The CEO wrote in the email that he was in a meeting and didn’t have time to wire the money himself.

Not wanting to question his boss or bother him during an important meeting, the CFO made the transfer. Later that day the CFO ran into the CEO and let him know the wire transfer went through. “What wire transfer?,” the CEO asked. Right then the CFO knew he had made a huge mistake.

FINDINGS:

  • Someone hacked into the CEO’s email and monitored his incoming and outgoing email communications.
  • Using the CEO’s email (as well as his style of writing) the hacker emailed the CFO and asked him to wire the money.
  • Because the email was sent from the CEO’s “secure” email, the CFO deemed it to be legit.
  • The CFO wired the money to a bank account provided by the CEO (aka, the hacker).

FORTUNATELY…

Because it was such a large sum of money, the wire transfer had not yet cleared when the CFO realized his mistake. He was able to cancel the transfer and get back the $50,000 before it was gone forever.

LESSONS:

Always be on the lookout for email scams!

If you receive an email from someone you don’t know, or even from someone you do know that looks suspicious, don’t assume anything! Often referred to as phishing scams, hackers will pose as friends, family members, or charitable organizations requesting that you send them emergency funds. They will also use email to upload software into your computer that gives them access to your accounts, passwords, and sensitive data.

In addition, these same emails will often contain ransomware and other programs that can lock you out of your data. The hacker will then ask you to send money to get your own data back! More on this in our next blog post!!!

Check out this page for some of the latest email scams to look out for.

 

The Cybercrime Files- Case #101: The Art Burglars

*This is a true account of a local cybercrime. However, the names of the victims and businesses have been changed to protect their identities. To learn more about Cyber Security Services in Akron, OH click here.


INVESTIGATIVE REPORT

OFFENSE:  Burglary & Data Theft

VICTIM:  JT’s Fine Art Gallery

LOCATION:  Akron, OH

DATE:  12-11-18

LEAD INVESTIGATOR:  Patrick Carroll

NOTES: I arrived at the scene shortly before 10am to meet with gallery owner, JT Clark.

Clark was understandably shaken at the events that had transpired. Clark told me that he had received a telephone call from local police informing him that several of his clients recently had irreplaceable works of art stolen from their homes. Clark was shocked when authorities informed him that his gallery’s IT Network may have played a significant role in these burglaries.

Clark explained that police discovered documents in a suspect’s apartment that listed the estimated values of all art brought into JT’s gallery to be appraised. The appraisals also included information such as customers’ addresses and occupations.

FINDINGS: It did not take long me long to uncover that hackers had infiltrated the gallery’s network (where all appraisals are stored) and stolen sensitive customer data.

Because Clark did not have the proper security measures in place, hackers were able to use automated software to steal employee usernames and passwords. Hackers then logged into Clark’s network and were able to view all appraisals.

The suspects then identified customers who brought in the most valuable pieces of art, wrote down their addresses, and then broke into their homes to steal their art collections.

PREVENTION: To protect Clark’s Network from being hacked again, we put the following security measures in place:

#1: Multi-Factor Authentication: Clark and his employees used simple passwords that were easy to steal. In order to protect them from future hacks we set up multi-factor authentication for all applications, networks, and servers. (Learn more about Multi-Factor Authentication here).

#2: Installed Proper Firewalls

#3: Did a complete network security overhaul and advised Clark and his staff on proper security practices as well as tips on prevention and detection.

CONCLUSIONS: Small businesses like Clark’s often don’t have the necessary security measures in place because they think they’re “too small” to be a target.

In reality, this can’t be further from the truth. Akron Cyber criminals will intentionally target smaller companies because they are frequently easier to hack and don’t believe it can happen to them. JT’s Gallery is just one of many cases we have seen like this.

This crime could have easily been prevented had the proper security measures been put in place. Please, don’t jeopardize your business or your customer’s safety by being complacent with your data protection practices. Data theft really can happen to anyone, including you!

Is your company a target for cyber criminals? Take our free Cyber Security Audit to find out!

Introducing Our New Blog Series.

Welcome to our new blog, PCR Investigates: The CyberCrime Files.

Stay tuned as we investigate true stories of cybersecurity threats and cybercrimes in Akron, OH and throughout our community.

We’ll keep you informed on the latest threats, and prepare you with the knowledge and tools needed to stay one step ahead of cyber criminals.