Fake Invoices, Invoice Hacking Attacks Targeting Kingdom
The Ministry of Posts and Telecommunications issued a statement on May 23 expressing concern over cyberattacks in the Kingdom, calling for greater vigilance to thwart rising hacking attacks targeting the private sector.
The statement said there have been a number of Business Email Compromise (BEC) scams aimed at stealing money by sending invoice-payment emails for transactions with foreign companies.
“The scam is particularly prevalent in the private sector, with cybercriminals hacking into a company to study its business practices and records, then attacking the targeted entities by sending emails that appear to be invoices from known and legitimate sources,” the ministry said.
This crime is often referred to in US law as “theft by fraud”, meaning theft carried out by “defrauding”, that is, deceiving, the victims in one way or another rather than by violence or breaking and entering.
The Kingdom’s Penal Code refers to all such thefts that rely on subterfuge or on first gaining the victim’s trust as forms of “fraud” of varying severity, as defined in Chapter Two, Section 377.
The department said that hackers or sometimes organized groups of hackers will hack into a company and gain access to its computer network, then conduct extensive research on it and its employees.
They then wait for the right moment to execute their plan, which usually involves submitting fake invoices for large payments. Alternatively, they may impersonate the company’s CEO or another executive, or contact company executives claiming to be a trusted supplier or business partner, then request a cash transfer to an overseas account or ask that future payments for goods and services be routed to a new bank account.
Groups often complete the deception by first hacking into the networks of the companies on both ends of the transaction, so that they can send a completely legitimate-looking request from one company to the other using the correct documents, employee names and even real email addresses. This makes the scam very difficult to defend against for businesses that routinely make large payments to dozens, sometimes even hundreds, of suppliers or service providers.
The ministry advised users to be extremely careful, taking measures such as carefully checking and verifying names and email addresses, or making inquiries by phone if anything looks suspicious, even when the email comes from known people.
The ministry has advised all businesses to be wary of any email requesting changes to account information for cash transfers, and to institute procedures and protocols that require employees to confirm or verify such requests directly with the individuals or business partners concerned by means other than email, such as a telephone call.
After that, they should consider going further: without mentioning the intention to do so to their business contact, they should phone their own company’s security or IT department after that conversation and ask it to independently verify the legitimacy of the transaction before authorizing it.
The ministry also noted that any business that discovers it has been cheated in one of these scams should contact its bank immediately and try to have the transaction reversed or frozen, while filing complaints with the police and other authorities if it wants the hackers responsible to be found and punished.
Independent digital security consultant Nget Mose said the reason for the increase in cyberattacks in Cambodia was that the sector’s development was still limited in terms of digital laws, tools and literacy, which made Cambodia an easy target for email attacks.
“The global trend of cyberattacks to steal or launder money is increasing everywhere, not just in Cambodia, but they are succeeding here at a higher rate than we would like because our digital security infrastructure is still limited,” he said.
He added that, in order to protect their businesses from these attacks, the private sector should put in place security management plans and build staff capacity in digital assets, while implementing stricter protocols with verification, or multi-factor or multi-step approval, for certain highly sensitive data such as bank account information and other payment processes.
The ministry urged the public to get more information on such cases from the website of the Cambodia Computer Emergency Response Team (CamCERT) of the Department of Information and Communication Technology Security at www.camcert.gov.kh
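The ministry’s advice (check the sender’s name and address, confirm account changes by phone using a number already on file, have a second person sign off) and the consultant’s call for multi-step approval of bank-account changes can be turned into a simple control flow. The example below is added here for illustration; it is not tooling from the ministry, CamCERT or the consultant. The supplier registry, the employee and approver names, the phone numbers and the domain names are all constructed placeholders.

```python
"""Added example: a gate for supplier bank-account change requests.

Models the controls recommended above: the sender domain must match the
domain on file (lookalike domains are flagged), the change must be confirmed
out of band on the phone number on file (never a number quoted in the email),
and a second approver distinct from the requester must sign off.
All data below is constructed; names, domains and phone numbers are placeholders.
"""
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Constructed supplier registry: the only trusted source of contact details.
SUPPLIERS = {
    "Mekong Office Supply": {
        "domain": "mekongoffice.example",
        "account": "ACC-000111",
        "phone": "+855-00-000-0001",   # placeholder number on file
    },
}


@dataclass
class ChangeRequest:
    supplier: str
    sender_email: str
    new_account: str
    requested_by: str                    # employee who entered the request
    callback_phone: Optional[str] = None  # number quoted in the email, if any


@dataclass
class Verification:
    phone_used: Optional[str] = None     # number the employee actually dialled
    confirmed_by_supplier: bool = False
    approver: Optional[str] = None       # second person signing off


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, used to spot near-identical (lookalike) domains."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def lookalike_domain(observed: str, expected: str, max_edits: int = 2) -> bool:
    """True when observed is within a few edits of expected but not equal to it
    (e.g. rnekongoffice.example impersonating mekongoffice.example)."""
    if observed == expected:
        return False
    return edit_distance(observed, expected) <= max_edits


def evaluate_request(req: ChangeRequest, ver: Verification) -> Tuple[bool, List[str]]:
    """Return (approved, reasons). Every failed control is listed, not just the first."""
    reasons: List[str] = []
    record = SUPPLIERS.get(req.supplier)
    if record is None:
        return False, ["unknown supplier"]

    sender_domain = req.sender_email.rsplit("@", 1)[-1].lower()
    if sender_domain != record["domain"]:
        if lookalike_domain(sender_domain, record["domain"]):
            reasons.append(f"sender domain {sender_domain!r} is a lookalike of {record['domain']!r}")
        else:
            reasons.append(f"sender domain {sender_domain!r} is not registered for this supplier")

    # Out-of-band confirmation must use the number on file, not one from the email.
    if not ver.confirmed_by_supplier:
        reasons.append("no out-of-band confirmation recorded")
    elif ver.phone_used != record["phone"]:
        reasons.append("confirmation call did not use the phone number on file")
    if req.callback_phone and req.callback_phone != record["phone"]:
        reasons.append("email quotes a callback number that differs from the one on file")

    # Multi-step approval: a second, different person must sign off.
    if ver.approver is None or ver.approver == req.requested_by:
        reasons.append("second approver missing or same as requester")

    return (not reasons), reasons


if __name__ == "__main__":
    # Constructed lookalike request: wrong domain, phone number taken from the email.
    req = ChangeRequest("Mekong Office Supply", "accounts@rnekongoffice.example",
                        "ACC-999999", requested_by="clerk", callback_phone="+855-00-000-0009")
    ver = Verification(phone_used="+855-00-000-0009", confirmed_by_supplier=True)
    approved, why = evaluate_request(req, ver)
    print("approved:", approved)
    for r in why:
        print(" -", r)
```

The point of listing every failed control rather than stopping at the first is that the reasons become the record an investigator or the bank will ask for later; a request that fails only the approver check is a process slip, while one that fails the domain and phone checks together is the pattern the ministry describes.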
They can also get more technical support and report illegal activities by emailing [email protected] or by calling 023 722 391 / 016 851 678.