Update : The Norwegian investment fund that was swindled $10 million (£8.2 million) was swindled for $10 million (£8.2 million), resulting in the extraction of an Advanced Level Data Break.
Norfund – the Norwegian government’s funding mechanism for developing countries – said that the hacker had managed to manipulate the organization to channel a loan to a Cambodian microfinance institution into a fraud-proofed account. As a result, Kroehner lost 100 metres in March.
The investment fund reported that the money had apparently been channelled to Mexico by the organisation in Cambodia. The local and international police have been involved in the investigation of this case.
The details of the cyber attack are few and far between. It could be a fictitious attack on business e-mails, in which the attacker seizes an e-mail account to impersonate an employee or civil servant and forwards money destined for a Cambodian company to another bank account. Or she could have been more intrusive.
The fraudsters have manipulated and falsified the exchange of information between Norfund and the credit institution over time in a way that is realistic in terms of structure, content and language, Norfund said Wednesday during the raid. Documents and payment details have been falsified.
Again, this could be a generous way of saying that someone has been scammed by sending money to the wrong account with a fake account or fake emails and poor account control.
e-mail scammers steal over $300 million a month from the pockets ofU.S. lawsuits.
Despite the considerable wealth of Norfund, the Norwegians don’t miss it. Tellef Thorleifsson’s CEO promises quick action to prevent the organization from cheating again – this time they’re going on the Viking.
This is a serious incident. According to him, the fraud clearly shows that we, as an international investor and development organisation, are vulnerable to the active use of digital channels.
The fact that this has happened shows that our systems and procedures are not good enough. We must take immediate and serious action to remedy this situation.
Norfund said he not only called the police, but also worked with the Norwegian Ministry of Foreign Affairs and his bank DNB to track down the thief and return the money. PwC also participates in the evaluation of the Fund’s IT security system.
Norfund hopes that by keeping an open mind about this incident, we can help reduce the risk of others falling victim to this fraudulent activity, the investment firm said.
As embarrassing as it is to be the victim of such scams, Norfund is hardly alone. While the compromise on business mail is central to this issue, it is a multi-billion dollar industry and will only get worse.
Deception is simple, but deadly effective. A fraudster attacks a certain person within an organization and then defrauds others to send payments to a new account, not to the company or organization for which they are intended. As payments are otherwise legal and authorised, victims generally do not make them until it is too late.
For example, last year the Colorado city government obtained $1 million from a fraudster for alleged construction costs, and the Texas school district obtained $2.3 million through various fraudulent transactions. ®
Editor’s note: This story was corrected after publication to make it clear that Norfund is the Norwegian government’s investment fund for developing countries and not the government’s Global Pension Fund, which, with $1 trillion, is the largest sovereign wealth fund in the world, as we indicated earlier. We regret this mistake.
Webcast : Build a new generation of your business in the public cloud.