1. Malware Theft
Hackers sent a phishing e-mail with a bogus word document attachment to a member of the accounts team within a small firm of accountants. Upon opening the attachment, a piece of key logging software was automatically installed which allowed the hackers to gather crucial access data and then log into the firm’s bank portal with the credentials of one of their users.
The insured was contacted by the bank after the hackers had initiated several wire transfers and ACH batches from the insured’s account to accounts located in Nigeria. After checking with the user whose credentials had been used to instruct the transactions, the firm instructed an IT forensics company to establish what had happened and to remove the malware from the system.
After managing to recall some of the wire transfers, the firm were left with $164,000 lost in theft of electronic funds and costs of $15,000 for IT forensics work.