Download PDF
Case Studies > Debt Collector Impersonation / Invoice Fraud Attack

Debt Collector Impersonation / Invoice Fraud Attack

Technology Category
  • Cybersecurity & Privacy - Identity & Authentication Management
  • Cybersecurity & Privacy - Network Security
  • Cybersecurity & Privacy - Security Compliance
Applicable Industries
  • Retail
  • Professional Service
Applicable Functions
  • Business Operation
  • Sales & Marketing
Use Cases
  • Fraud Detection
Services
  • System Integration
  • Cybersecurity Services
  • Training
The Challenge
The retailer was targeted by an attacker impersonating a debt collection agency using a lookalike domain. The attacker also spoofed the retailer's COO to add credibility to the fraudulent invoice request. The attack involved sophisticated social engineering techniques and spanned six back-and-forth conversations over one day. The urgency created by the debt collection pretext led employees to overlook red flags and begin processing the payment.
About The Customer
The customer is a global retailer that was targeted by a sophisticated invoice fraud attack. The retailer operates on a large scale, dealing with numerous vendors and financial transactions daily. This makes them a prime target for Business Email Compromise (BEC) attacks. The retailer's employees are responsible for processing invoices and ensuring timely payments to avoid penalties and maintain good vendor relationships. The company has a significant digital presence and relies on email communication for its operations.
The Solution
Abnormal Security detected and stopped the attack using its Abnormal Behavior Technology (ABX). ABX combines the Abnormal Identity Model, Abnormal Relationship Graph, and Abnormal Content Analysis to detect and prevent such attacks. Specific techniques used included identity modeling with VendorBase, domain impersonation detection, relationship graph analysis, and content analysis using natural language processing. The solution was deployed in passive mode, allowing for a comprehensive view of the attack lifecycle without impacting email flow. Abnormal Security's platform integrates seamlessly with Office 365 and G Suite, requiring no configuration and minimal setup time.
Operational Impact
  • Abnormal Security's detection capabilities prevented the fraudulent payment from being processed, safeguarding nearly $30,000.
  • The platform's ability to detect domain impersonation and spoofed emails provided a robust defense against sophisticated social engineering attacks.
  • The seamless integration with existing email systems ensured that the retailer's operations were not disrupted during the detection and prevention process.
Quantitative Benefit
  • Prevented a financial loss of nearly $30,000.

Related Case Studies.

Contact us

Let's talk!

* Required
* Required
* Required
* Invalid email address
By submitting this form, you agree that IoT ONE may contact you with insights and marketing messaging.
No thanks, I don't want to receive any marketing emails from IoT ONE.
Submit

Thank you for your message!
We will contact you soon.