PHILIPSBURG--Social and Health Insurances SZV announced on Tuesday that it has recently been targeted by a seemingly international phishing scam.
“As a good corporate citizen, SZV takes this opportunity to warn businesses and institutions on island to be on the lookout for this. The scam took place via e-mail correspondence, where the scammers posed as a company insider that requests and approves financial transactions,” stated SZV on Tuesday.
“The scam was of such a sophisticated nature that protocol was not breached. This led to no initial suspicion of the action. SZV has since increased its ICT [information and communications technology – Ed.] security measures as well as its banking protocols, which will now include additional manual checks.
“SZV is aware that other local and regional entities have been targeted in similar scams. The scam has been reported to the respective authorities, an official police report has been filed as well, and the FBI and other international agencies are being contacted for assistance.
“Together with our bank, SZV is seeking to retrieve the money transferred. Internally, additional security measure are now in place for bank transfers. These measures include additional manual checks, which will lead to extending the payment processing time.
“This is a business e-mail compromise (BEC) scam, a type of financial fraud designed to steal money from businesses and individuals. Typically, an attacker will impersonate high-level executives at a company and send phishing emails to employees requesting either a money transfer or sensitive data that can be used to commit fraud.”
Attackers research the organisation to identify whom to target (who can make transfers) as well as whom to impersonate (who can make the request). The scam is not uncommon in the United States, the Netherlands and the United Kingdom, but now seems to be targeting the Caribbean region more aggressively.
