Sunday Times (Sri Lanka)

Local SMEs defrauded by email-based fund transfer scams

- By Jagdish Hathiramani

Two local small and medium enterprises (SMEs) have fallen prey to a new electronic mail scam which saw them transferring funds to scammers rather than to those they thought were trusted suppliers, according to Roshan Chandraguptha, an Information Security Engineer at the Sri Lanka Computer Emergency Readiness Team (CERT) Co-ordination Centre.

The scammers in question set up free email accounts which were very similar to the accounts of trusted suppliers. Using these fake accounts, the fraudsters sent these local SMEs new account details for fund transfers. After funds had been transferred for the purchase of goods, and after the victims had contacted their trusted suppliers because promised shipments had never been received, it was found that the real suppliers had never received any funds. In both cases, the transaction was never verified with suppliers immediately following the transfer and, as a consequence, large sums of money were reported to have been lost.

Speaking on the continuing spate of media reports alleging that many Sri Lankan websites were being hacked, Mr. Chandraguptha indicated that there were 20 reported incidents of websites being hacked in 2011, compared to eight in 2010.

He also revealed that this almost always involved the defacement of a website, either its home page or some other page which was not secure, with hackers usually exploiting weak passwords or negligence in performing timely security updates. Additionally, he opined that "reported incidents are more because as people are more aware of our existence they report it to us for help in recovering, for investigating, etc."

When asked by the Business Times if there were more hacking incidents this year compared to previous years, Mr. Chandraguptha stated: "I don't think so but of course more people are talking about it and on media." However, he did admit that Sri Lanka CERT was not always brought in when government websites were being hacked. For example, this was the case with the recent hacking of the website of the Ministry of Mass Media and Information (media.gov.lk), which was being investigated by the Criminal Investigation Department (CID), with Sri Lanka CERT only providing technical support.

Meanwhile, according to Wasantha Deshapriya, Director of the Re-engineering Government Programme at Sri Lanka's Information Communication Technology Agency (ICTA): "The number of reported cases of hacking of government websites has been comparatively high during last 3-4 months." Mr. Deshapriya also commented: "ICTA does not monitor private websites or does not request private organisations to report to us when their sites are hacked." As such, he was unable to comment on how many websites of Sri Lanka's private sector companies, if any, had come under attack.

When asked by the Business Times whether there were any obvious political motivations behind these attacks, Mr. Deshapriya responded in the negative, stating: "Most of the attacks seem to be innocent ones; cases of hackers trying to prove themselves. No critical damage to the website, only a mark is left by the hackers to prove that they have entered the website through a back door."

In the meantime, Mr. Chandraguptha recommended the following measures be taken for more secure websites: "Perform a vulnerability assessment on the web site before it goes online, if it is already online perform a vulnerability assessment soon as possible." He also advised website administrators to keep both the software used for web development and the operating system of the server up to date with the latest updates and security patches. Finally, he added that one should use a strong password, i.e. with capital letters, simple letters, numbers, symbols and at least eight characters, for the content management system (CMS).

Concluding, he put forward this simple analogy to keep in mind: "if you don't keep your home door, gate closed and locked, chances are robbers will enter and rob your home".
