A cybercriminal managed to infiltrate a commercial transaction, hiding long enough to get the final amount of $15 million.
The fraudster carefully executed an email compromise that lasted for 2 months. When they gained access to the email chain they placed themselves in the transaction to diverted the money.
Investigators have linked the hack to a single person but they have also found a long list of other companies on their hit list, including those in retail, finance and legal sectors.