Tamika White, a Canadian centered in Calgary, Alberta, was recently arrested for a number of different crimes. First she targeted a company and hacked into the CEO’s email. Then she rerouted a payment for expensive gear to her bank account. The charges filed were a wide assortment (12 in all) – from identity fraud and money laundering to theft and trafficking stolen data.
Major Geek’s source page on this cyber-attack explains:
“[Once in the account], she proceeded to divert funds in the amount of 52,000 Canadian dollars ($38,600 in USD) to her own bank account. She directed the payment for an expensive piece of equipment into her own bank account. The Royal Canadian Mounted Police (RCMP) tracked down this bank account to White.”
White’s crime had been under investigation for six months prior to her arrest. However, the 30-year-old was oblivious until the raid on her house – where evidence was stacked up against her and an arrest was finally made.
Business email compromise is one of the most frequently used forms of online fraud. Hackers are finding it easier and easier to gain access to sensitive information. White is no exception in this scenario. The problem is that while White wasn’t able to cover her tracks, other hackers will easily.
This company is counting its blessings, especially having avoided financial disarray and mass security exposure in the media. Other companies will not be so lucky – hence the ransomware/malware/other attacks striking the online community as of late.
White may be the hacker that was caught but she will not be the last to attempt ‘business email compromise’ in the future. White now awaits the consequences of her crimes in Halifax, Nova Scotia.
Barkly Blog offers a short list of tips on avoiding business email compromise:
- Always double-check before sending money or data
- Require multi-factor authentication
- Run regular spoof checks
- Teach employees how to spot phishing