"Florida Man" Replaced by "Florida Hack"
Florida's city of Ocala falls victim to $750k business email compromise. It's the latest in a long string of successful attacks on Florida's local governments, including Naples, Riviera Beach and Lake City.
In a painfully expensive and sneaky attack, a hacker impersonated a contractor's representative and successfully fooled a government employee.
Ausley Construction submitted a legitimate invoice for the nearly quarter of a million dollars. The city paid the invoice on Oct. 18, but it went to the fraudulent bank account.
Upon further investigation, officials discovered that the now-resigned employee had unwittingly followed the attacker's instructions and changed the payment details.
The email address showed a slight difference from the legitimate Ausley address. Instead of @ausleyconstruction.com, the email included an extra āsā at the end.
These spoofed domains can fool anyone. Unfortunately, this incident leaves the city of Ocala hoping to receive some insurance reimbursement for their losses.
INFIMA's behavior-focused Training platform helps prevent these painful headlines.
Want to learn more? Start here!
Original article here.
[https://www.ocala.com/news/20191028/ocala-police-scammers-swiped-nearly-750000-from-city]