Slashdot Mirror


Chinese Scammers Take Mattel To the Bank, Phishing Them For $3 Million (www.cbc.ca)

itwbennett quotes a report from The Associated Press: Mattel, the popular toy maker behind Barbie and Hot Wheels, was the victim of a phishing attack last year that nearly cost them $3 million. On April 30, 2015, a Mattel finance executive got a note from the new CEO, Christopher Sinclair, requesting a new vendor payment to China. Transfers required approval from two high-ranking managers; the finance exec qualified and so did the CEO. The transfer was made. The only thing preventing a total loss was the fact that the following day was a bank holiday. Details of the attack against Mattel come from a report by the Associated Press, investigating money laundering and other financial crime in Wenzhou, China.

  1. Re:Interesting that this isn't reversible by Rande · · Score: 5, Informative

    It would be reversible...if the money stayed in the destination account.
    However, what they do is then split the money into many, many accounts, and keep moving it, travelling the world until it's laundered enough to recover.
    As each account would require a court order to disclose what happened to the money in it, and different countries have different requirements to disclose and different languages, by the time they've chased down the money, it's already moved on - so they just don't bother.

  2. No they didn't by DNS-and-BIND · · Score: 3, Informative

    It's right there in the article.

    May 1 was a banking holiday in China. The following Monday they were able to get assistance from local law enforcement and banking officials to freeze the account that held the stolen funds. Two days later, the money was recovered.

    It's like Slashdot hasn't changed at all since the new Backslash guy or whatever his nick was took over. We're still getting all the duplicate stories and just plain wrong news. Sigh.

    --
    Shutting down free speech with violence isn't fighting fascism. It IS fascism!
  3. Re:Interesting that this isn't reversible by DNS-and-BIND · · Score: 4, Informative

    Yeah, but China isn't just any country. This isn't Romania. There are tons of controls on international transactions. Otherwise there would be a giant sucking sound for a month or two and China would be empty of funds. Nobody trusts Chinese banks, especially Chinese banks. This is why property is always super-hot in China and prices everyone out of the market - there's really nowhere else to invest money.

    --
    Shutting down free speech with violence isn't fighting fascism. It IS fascism!
  4. offtopic semantic nazism by osee · · Score: 1, Informative

    nearly cost them $3 million
    cost them nearly $3 million

    So do these two mean the same thing?
    I feel like in the second case they lost the money, in the first they came close but did not.

    1. Re:offtopic semantic nazism by MyLongNickName · · Score: 4, Informative

      From the Article

      "Two days later, the money was recovered."

      So the semantics from the summary were correct and it is the title that is somewhat inaccurate or at least misleading.

      --
      See my journal for slashdot ID's by year. Mine created in 2005. http://slashdot.org/journal/289875/slashdot-ids-by-year
  5. Re:Interesting that this isn't reversible by geeper · · Score: 3, Informative

    Here is a podcast that is a great example of how to do this and explains how easy it is.

    http://www.npr.org/sections/mo...

    --
    Error reading device 'Signature'. (A)bort, (R)etry, (F)ail?
  6. Re:Dumb by Anonymous Coward · · Score: 2, Informative

    Not OP nor anyone else in the thread here. I do a lot of daily work involving sums both up to and larger than this size. Before I can whip a check out the door, I have to go to a committee which has our country CFO and CEO or their designees present. Once approved there, I have to go to the global committee for the same (international company). Then I have to go to the people who actually control the company checking account, and they verify that I got approval from the first two groups. They basically check my story and give me authorization to spend money.

    Lastly, I need email approval on top of all this from a manager who has sufficient spend authority to ok the expenditure. But that last step is the only email in the chain, the rest are conference calls with the interested parties. It's their job to basically make sure I didn't give the finance folks a line of bull.

    It's an exceptional amount of checks and balances, with anything costing more than a Ford Focus requiring mass interrogation. No single or even dual email from any C-level person is sufficient to make money leave my company that easily.

  7. Re:Dumb by 110010001000 · · Score: 3, Informative

    In our company the policy is you need to contact the CEO verbally in order to do these transactions. No one authorizes multimillion transactions via email, because of these phishing attacks. So there is your insight.