Experts Insight On Media Giant Nikkei Hit By BEC Scam, Losing $29 Million

It has been reported that Japanese media company Nikkei Inc. is the latest organization to be hit by BEC scammers, costing the enterprise $29 million. The company confirmed last week that, in late September, an employee of its US subsidiary,”had transferred approximately 29 million United States dollars (approximately 3.2 billion Japanese Yen) of Nikkei America funds based on fraudulent instructions by a malicious third party who purported to be a management executive of Nikkei.”

Commenting on the news are the following cybersecurity professionals:

Ed Macnair, CEO ,  Censornet
November 06, 2019
Traditional pattern matching technologies are useless against these modern techniques.
Although the gigantic cost of this scam makes it a particularly unusual and embarrassing case, it demonstrates the damage that one instance of human error can still do to organisations of all sizes. “It is important to train employees so that they notice the more sophisticated techniques used by hackers but Business Email Compromise scams take advantage of a very human desire to please a hig ....
[Read More >>]
Felix Rosbach, Product Manager,  comforte AG
November 06, 2019
The name of the game is sophisticated identity access management coupled with verification from an actual human.
Here we have yet another example of how easy it is to steal someone's identity – given there are no countermeasures in place. The reason for this is simple: most hackers aren’t geniuses, but neither is the average employee. We’re only human after all. Sometimes we make mistakes. Sometimes we get complacent or distracted and, unfortunately, our tendency to slip up every once in a while leaves ....
[Read More >>]
Martin Jartelius, CSO ,  Outpost24
November 06, 2019
But the best control is one that catches when the human fail.
To mitigate such a threat occurring, an excellent set of security processes need to be instilled: 1. Do not process financial transactions solely based on email 2. Do not authorize transactions over certain amounts without verification from the one instructing on the transaction. 3. Do not authorize new recipients of any transactions without an approval process within the finance team. The las ....
[Read More >>]

If you are an expert on this topic:

Submit Your Expert Comments

In this article