Slashdot Mirror

← Back to Stories (view on slashdot.org)

Tech Firm Ubiquiti Suffers $46M Cyberheist

Posted by Soulskill on from the why-you-should-always-read-your-TPS-reports dept.

An anonymous reader writes: Brian Krebs reports that Ubiquiti Networks, known for their wireless networking hardware, has lost $46.7 million to a scam in which thieves were able to impersonate employees and initiate fraudulent wire transfers. Ubiquiti was able to recover only $8.1 million of the amounts transferred, and an additional $6.8 million is subject to legal injunction. Krebs explains, "Known variously as 'CEO fraud,' and the 'business email compromise,' the swindle that hit Ubiquiti is a sophisticated and increasingly common one targeting businesses working with foreign suppliers and/or businesses that regularly perform wire transfer payments. ... CEO fraud usually begins with the thieves either phishing an executive and gaining access to that individual’s inbox, or emailing employees from a look-alike domain name that is one or two letters off from the target company’s true domain name." The theft was disclosed in Ubiquiti's quarterly financial report.

1 of 54 comments (clear)

  1. Look no further by Rumagent · · Score: 5, Informative

    Look no further than the sorry state of email today. This problem was fixed 25 years ago:

      https://en.wikipedia.org/wiki/Pretty_Good_Privacy#Digital_signatures

    One is almost tempted to think that someone is trying to keep private communications open and accessible...