Save the Children Foundation has revealed that the charity was targeted by fraudsters last year , leading to the loss of $ 1 million . Speaking to the Boston Globe , the US arm of the non-profit , which supports children worldwide , said that con artists managed to compromise Attack.Databreach an employee 's email account in order to masquerade as Attack.Phishing the staff member in question . Once access was gained Attack.Databreach to the account , the hackers behind the scam created Attack.Phishing a number of false invoices and related documents which described a need to purchase solar panels for health centers located in Pakistan . The Connecticut-based charity organization fell for the ruse Attack.Phishing , conducted in May 2017 , and approved the transfer of close to $ 1 million to an entity in Japan which was used as a front to rake in the proceeds . By the time the foundation realized the invoice was false , it was too late and the money was gone . The publication says that Save the Children possessed insurance which covered close to all of the lost funds , and in the end , the charity only lost $ 112,000 . `` We have improved our security measures to help ensure this does not happen again , '' Stacy Brandom , the chief financial officer of Save the Children told the Globe . `` Fortunately , through insurance , we were ultimately reimbursed for most of the funds . '' The scammers targeting the charity appeared to follow the rules of Business Email Compromise (BEC) attacks Attack.Phishing almost to the letter . These campaigns have a number of steps , compromise Attack.Databreach a business email account via brute-force hacking or social engineering ; pretend to be Attack.Phishing a legitimate staff member , and lure Attack.Phishing another individual to approve false invoices or fraudulent payments . The FBI has previously warned that December 2016 and May 2018 , there was a 136 percent increase in BEC scams Attack.Phishing , reported across 150 countries , Ill-gotten funds are often sent to entities in Asia and billions of dollars have been lost . In February , IBM said a single BEC scam Attack.Phishing originating in Nigeria led to the loss of millions of dollars belonging to Fortune 500 companies . These types of scams are incredibly common and it can be difficult to track down the fraudsters responsible , who may be located in any country in the world . However , on rare occasion , a BEC scam artist is taken to task for their actions . In September , a man from Nigeria was ordered to pay $ 2.5 million and serve five years in prison for conducting a variety of BEC scams Attack.Phishing against enterprise companies . Prosecutors estimate that the con artist defrauded victims out of hundreds of millions of dollars .

Save the Children Foundation has revealed that the charity was targeted by fraudsters last year , leading to the loss of $ 1 million . Speaking to the Boston Globe , the US arm of the non-profit , which supports children worldwide , said that con artists managed to compromise Attack.Databreach an employee 's email account in order to masquerade as Attack.Phishing the staff member in question . Once access was gained Attack.Databreach to the account , the hackers behind the scam created Attack.Phishing a number of false invoices and related documents which described a need to purchase solar panels for health centers located in Pakistan . The Connecticut-based charity organization fell for the ruse Attack.Phishing , conducted in May 2017 , and approved the transfer of close to $ 1 million to an entity in Japan which was used as a front to rake in the proceeds . By the time the foundation realized the invoice was false , it was too late and the money was gone . The publication says that Save the Children possessed insurance which covered close to all of the lost funds , and in the end , the charity only lost $ 112,000 . `` We have improved our security measures to help ensure this does not happen again , '' Stacy Brandom , the chief financial officer of Save the Children told the Globe . `` Fortunately , through insurance , we were ultimately reimbursed for most of the funds . '' The scammers targeting the charity appeared to follow the rules of Business Email Compromise (BEC) attacks Attack.Phishing almost to the letter . These campaigns have a number of steps , compromise Attack.Databreach a business email account via brute-force hacking or social engineering ; pretend to be Attack.Phishing a legitimate staff member , and lure Attack.Phishing another individual to approve false invoices or fraudulent payments . The FBI has previously warned that December 2016 and May 2018 , there was a 136 percent increase in BEC scams Attack.Phishing , reported across 150 countries , Ill-gotten funds are often sent to entities in Asia and billions of dollars have been lost . In February , IBM said a single BEC scam Attack.Phishing originating in Nigeria led to the loss of millions of dollars belonging to Fortune 500 companies . These types of scams are incredibly common and it can be difficult to track down the fraudsters responsible , who may be located in any country in the world . However , on rare occasion , a BEC scam artist is taken to task for their actions . In September , a man from Nigeria was ordered to pay $ 2.5 million and serve five years in prison for conducting a variety of BEC scams Attack.Phishing against enterprise companies . Prosecutors estimate that the con artist defrauded victims out of hundreds of millions of dollars .

Last week , the Internal Revenue Service ( IRS ) issued a new warning to employers , urging them to stay alert as reports of compromised W-2 records started to climb . This newest advisory aligns with the agency 's plan to delay refunds for those filing their returns early in order to combat identity theft and fraud . The IRS also informed employers the W-2 scam has moved beyond corporations , expanding to include schools , tribal organizations , and nonprofits . In a statement , IRS Commissioner , John Koskinen , said the scams - sometimes known as Business Email Compromise (BEC) attacks Attack.Phishing - are some of the most dangerous email scams the agency has seen in a long time . [ Learn about top security certifications : Who they 're for , what they cost , and which you need . `` It can result in the large-scale theft of sensitive data Attack.Databreach that criminals can use to commit various crimes , including filing fraudulent tax returns . We need everyone ’ s help to turn the tide against this scheme , '' Koskinen said . In 2016 , at least 145 organizations fell victim to BEC scams Attack.Phishing , exposing tens of thousands of employees to tax fraud and identity theft . Salted Hash kept track of some of the high-profile cases , and Databreaches.net tracked everything , resulting in a massive list of documented successful attacks . As of February 5 , 23 organizations have disclosed BEC-related data breaches Attack.Databreach publicly , each one resulting in compromised W-2 data . The confirmed BEC victims include ten school systems , a software development firm , a utility company in Pennsylvania , at least one restaurant in Indianapolis , and businesses operating within the healthcare , finance , manufacturing , and energy sectors . Distribution International emailed employees that their W-2 data was compromised Attack.Databreach on January 27 . Their notification expands the number of affected taxpayers to more than 30,000 . The scammers spoofed Attack.Phishing an email and pretended to be Attack.Phishing one of the company 's owners . W-2 records for all companies and all employees were compromised Attack.Databreach . Salted Hash reached out to Sky Climber 's CFO , Jeff Caswell , for more information . Also , the College of Southern Idaho has reported an incident that could impact 3,000 employees . According to Public Information Officer Doug Maughan , the W-2 records affected belong to seasonal and auxiliary staff . Palomar College disclosed an attack Attack.Databreach on January 30 , which affected employee W-2 records . The school did n't say the incident Attack.Databreach was the result of a BEC attack Attack.Phishing , but Salted Hash is listing it anyway due to the timing of the attack and the information targeted . Finally today , the West Michigan Whitecaps - a Class A minor league baseball team affiliated with the Detroit Tigers - said staff W-2 records were compromised after someone posing as Attack.Phishing a manager requested them . In 2016 , the criminals behind the BEC attacks Attack.Phishing mostly focused on payroll and tax records . This year though , the IRS says that in addition to the usual records request , the scammers are now following-up and requesting wire transfers . `` Although not tax related , the wire transfer scam is being coupled with the W-2 scam email , and some companies have lost both employees ’ W-2s and thousands of dollars due to wire transfers , '' the IRS explained in their warning . `` Employers should consider creating an internal policy , if one is lacking , on the distribution of employee W-2 information and conducting wire transfers . '' BEC attacks Attack.Phishing are essentially Phishing scams Attack.Phishing , or Spear Phishing Attack.Phishing since the criminals have a specific target . They 're effective too , exploiting the trust relationships that exist within the corporate environment . In a majority of the reported cases from 2016 , the attackers forged Attack.Phishing an email and pretended to be Attack.Phishing the victim organization 's top executive , or someone with direct authority . Often it is the CEO or CFO , but any high-level manager will work .