The news that criminals used fake e-mails to fool the town of Peterborough into sending them million-dollar payments comes as no real surprise to the state’s cybersecurity chief.
“We’ve heard about this multiple times over the past four years,” said Denis Goulet, commissioner of the state Department of Information Technology. “Ransomware is getting all the news, but there is still the risk of business email compromise – BEC – which is really focusing around this type of activity.”
Scammers don’t hack into computers, they use a ruse that gains them access to financial systems and ultimately cash.
“This comes from two directions. You can get a large hit like (Peterborough), although having it more than once is unusual. The other type is a bunch of small hits” such as redirecting monthly payments to an account, he said. “The bad guys are very good at creating believable emails at getting you to give up your credentials.”