Remember emails from dethroned Nigerian princes? Today’s schemes are more sophisticated.
We’ve all heard about international crime organizations targeting businesses.
But auto dealerships are also are being attacked. Hackers are targeting auto dealers, along with other service businesses, with sophisticated and targeted email scams designed to trick unwitting employees into performing actions that make business networks vulnerable.
A few years ago, computer hackers used relatively unsophisticated schemes to try to access information and money. Remember the emails from the dethroned princes in Nigeria? Today’s schemes are more sophisticated.
Dozens of auto dealerships across the country (that we know of; the figure may be in the hundreds) have already fallen victim to hackers who have successfully managed to access the following information:
- Bank account numbers, routing numbers and login credentials.
- Customer bank account numbers and routing numbers.
- Customer credit card numbers, addresses, social security numbers and credit scores.
Employees who work in the accounting and F&I departments are most at risk for being targeted by sophisticated email scams.
Here is a sampling of actual incidents:
A controller received an email from someone, whom he thought was the dealer, requesting a $30,000 wire transfer. After a few emails back and forth, the controller complied with the request. Unfortunately, the bank was not able to retrieve the $30,000.
A virus was downloaded in an email attachment on the F&I manager’s computer. The virus tracked every website visited and every keystroke made.
Hackers were able to use the information to login into credit bureau sites and extract credit reports for hundreds of customers. This cost the dealership more than $150,000.
An accountant was tricked into visiting what he thought was Bank of America’s website. The accountant was prompted to enter in login information, bank account numbers and other information that enabled hackers to initiate a $400,000 wire transfer. Fortunately, the real Bank of America stopped the transfer before it happened.
Click below to read the full article: