Speaking to IT Security Guru, Centrify CEO Tom Kemp said that in February of this year, it was able to spot and report a targeted attack within two hours of it arriving.
Kemp said that at 9.30am, an email was sent to a member of the accounting team claiming to be from the CFO Timothy Steinkopf which was from the domain “Centrilfy”. The instruction was to send funds amounting to $357,000, which the accountant was able to initiate but not complete.
“That person had a conversation with the CFO as they sat together and Tim said that he didn’t send that email and we called the FBI to report it and find out who was responsible for registering the domain,” he said.
“Someone did the mining and figured out the structure of the company and created the fake domain with fake email addresses. They tried it on 100 different companies and if they had been successful with one, two or three per cent of them, they would have earned hundreds of thousands of dollars.”
Kemp said that he was not aware of who the others companies were, but this showed the sophistication of the underlying checking as they had taken the time to register the domain, create a very similar looking website to Centrify’s domain and researched who was who within the company.
“In our company there is a two-step approval process for payments, and thankfully these people were sitting next to each other and talked to each other,” he said. “It is a two-step process, but had it have been a one-step, it probably would have gone through.”
He said that in instances such as this, it proves that there are some very smart people working in cyber crime who are very capable and it pays to be aware on what you are paying for.