Internet phishing scams can effect everyone, even large companies like Disney. In a report from the Orlando Sentinel, Disney’s government, Reedy Creek Improvement District (RCID), was a victim of a recent phishing scam. While they were able to recover most of the money, $93,658 has been lost in this scam.
What happened:
- Back in February a RCID financial employee received an email from a co-worker saying that a contracted company they frequently do business with–BrightView Landscapes–was requesting payments be made to a new bank and new account with Capital One.
- The financial employee proceeded to make the necessary changes and emailed the co-worker to check that BrightView Landscapes had confirmed–over the phone–the account details and bank information was correct. The co-worker emailed back saying yes.
- BrightView’s request seemed legitimate as the attachments contained the proper BrightView logo and correspondence came person who interacted regularly with RCID.
- In actuality, the co-worker’s email had been hacked and was not the one sending the financial employee the original message or follow up responses.
- RCID proceeded to make a payment to the new account. A few days later, the financial employee received another email from the hacked co-worker’s account saying that BrightView had made a mistake and needed to change the bank account again. This time to Bank of America.
- In the following days, SunTrust called the financial employee to verify the payments that had been made due to an alert from Capital One Bank.
- Capital One said the name on RCID’s payments did not match the name on the Capital One account.
- Realizing that the co-worker had not sent the emails, the financial employee contacted BrightView and learned they had not requested any type of account change.
- The Orange County Sheriff’s Office was contacted on February 27th and the Capital One account was frozen.
- In March, RCID got most of the money back via a wire transfer, however they’ve permanently lost $93,658.
Quotes from the Orange County Sheriff’s Reports:
- “Believing the transaction to be legitimate, the account change was made and two payments were ultimately sent to the Capital One account.”
- “The document that was attached to email appeared to be legitimate as it also contained the proper BrightView Landscaping logo.”