"Florida Man" Replaced by "Florida Hack"

Florida's city of Ocala falls victim to $750k business email compromise. It's the latest in a long string of successful attacks on Florida's local governments, including Naples, Riviera Beach and Lake City.

In a painfully expensive and sneaky attack, a hacker impersonated a contractor's representative and successfully fooled a government employee.

Ausley Construction submitted a legitimate invoice for the nearly quarter of a million dollars. The city paid the invoice on Oct. 18, but it went to the fraudulent bank account.

Upon further investigation, officials discovered that the now-resigned employee had unwittingly followed the attacker's instructions and changed the payment details.

The email address showed a slight difference from the legitimate Ausley address. Instead of @ausleyconstruction.com, the email included an extra ā€œsā€ at the end.

These spoofed domains can fool anyone. Unfortunately, this incident leaves the city of Ocala hoping to receive some insurance reimbursement for their losses.

INFIMA's behavior-focused Training platform helps prevent these painful headlines.
Want to learn more? Start here!

Original article here.
[https://www.ocala.com/news/20191028/ocala-police-scammers-swiped-nearly-750000-from-city]