Google and Facebook have confirmed that they fell victim to an alleged $ 100m ( £77m ) scam . In March , it was reported that a Lithuanian man had been charged over an email phishing attack Attack.Phishing against `` two US-based internet companies '' that were not named at the time . They had allegedly been tricked Attack.Phishing into wiring more than $ 100m to the alleged scammer 's bank accounts . On 27 April , Fortune reported that the two victims were Facebook and Google . The man accused of being behind the scam , Evaldas Rimasauskas , 48 , allegedly posed as Attack.Phishing an Asia-based manufacturer and deceived Attack.Phishing the companies from at least 2013 until 2015 . `` Fraudulent phishing emails were sent Attack.Phishing to employees and agents of the victim companies , which regularly conducted multimillion-dollar transactions with [ the Asian ] company , '' the US Department of Justice ( DOJ ) said in March . These emails purported to be from Attack.Phishing employees of the Asia-based firm , the DOJ alleged , and were sent from Attack.Phishing email accounts designed to look like Attack.Phishing they had come from Attack.Phishing the company , but in fact had not . The DOJ also accused Mr Rimasauskas of forging Attack.Phishing invoices , contracts and letters `` that falsely appeared Attack.Phishing to have been executed and signed by executives and agents of the victim companies '' . `` We detected this fraud against our vendor management team and promptly alerted the authorities , '' a spokeswoman for Google said in a statement . `` We recouped the funds and we 're pleased this matter is resolved . '' However , the firm did not reveal how much money it had transferred and recouped . Nor did Facebook - but a spokeswoman said : `` Facebook recovered the bulk of the funds shortly after the incident and has been cooperating with law enforcement in its investigation . ''

Evaldas Rimasauskas , 49 who allegedly conned Attack.Phishing two of the world 's biggest companies was arrested on fraud charges GOOGLE and Facebook have admitted they were conned out Attack.Phishing of an alleged $ 100million ( £77million ) in a phishing scam Attack.Phishing . The two world 's biggest companies fell victim after a Lithuanian man allegedly tricked Attack.Phishing employees into wiring over the money to bank accounts that he controlled , Fortune reported on Thursday . Evaldas Rimasauskas , 48 , is accused of posing as Attack.Phishing an Asia-based manufacturer and deceived Attack.Phishing the internet giants from around 2013 until 2015 . He was arrested earlier this month in Lithuania at the request of US authorities The conman is said to have forged Attack.Phishing email addresses , invoices and corporate stamps to impersonate Attack.Phishing Quanta and trick Attack.Phishing them into paying for computer supplies . Rimasauskas , who is awaiting extradition proceedings , has denied the allegations . The US Department of Justice ( DOJ ) said last month : `` Fraudulent phishing emails were sent Attack.Phishing to employees and agents of the victim companies , which regularly conducted multi-million-dollar transactions with [ the Asian ] company . '' Both Facebook and Google have confirmed the fraud and said that they had been able to recoup funds . But they did n't reveal how much money it had transferred and recouped . A Google spokeswoman said : `` We detected this fraud against our vendor management team and promptly alerted the authorities . '' `` We recouped the funds and we ’ re pleased this matter is resolved . '' A spokeswoman for Facebook added : `` Facebook recovered the bulk of the funds shortly after the incident and has been cooperating with law enforcement in its investigation . '' Security experts said the recent cyber attack highlighted how sophisticated phishing scams Attack.Phishing are being used to fool Attack.Phishing even two of the biggest tech companies .

Hacker group “ Charming Kitten ” used false identities to ferret out information , says Israel-based cybersecurity firm ClearSky An Iranian cyber espionage group known as Charming Kitten is believed to be behind a campaign targeting academic researchers , human rights activists , media outlets and political advisors focusing on Iran , according to a report published earlier this week by Israel-based threat intelligence company ClearSky Cyber Security . The group has also set up Attack.Phishing a news outlet called The British News Agency to lure Attack.Phishing targets in . Most of the group 's targets are in Iran , the U.S. , Israel and the U.K. , the report said , but some come from countries including France , Germany , Switzerland , Denmark , India , Turkey and the United Arab Emirates . The report detailed the various methods used to gain access Attack.Databreach to computers and private social accounts . Those include false identities , the impersonation Attack.Phishing of real companies , the insertion of malicious code into a breached website , also known as `` watering hole attacks , '' and spear phishing Attack.Phishing , the process of pretending to be Attack.Phishing service providers like Gmail or Facebook to trick Attack.Phishing people into giving out personal information . A significant mainstay of the group 's activity was the establishment of a media outlet called The British News Agency . Much effort went into creating Attack.Phishing a seemingly legitimate website , including details about the agency and a contact list of the management team . The purpose of the site was to attract Attack.Phishing the targets and infect them with malware . According to the report , multiple Israeli researchers of Iran and the Middle East were sent Attack.Phishing emails and Twitter direct messages from accounts registered with seemingly Jewish Israeli names . Messages coming from Attack.Phishing one such account were presented as if coming from Attack.Phishing a journalist and political researcher at KNBC News . Other messages were presented as if coming from Attack.Phishing an Israeli political researcher raised in California who needed help with an article and also wanted to apply for a position at an Israeli university . Another message was described as coming from Attack.Phishing a Jewish girl living in Iran . These messages often linked to phishing pages . ClearSky can not estimate how many accounts were successfully infiltrated , but the success rate for such attacks is usually around 10 % , said Mr. Dolev .

Law firms have been put on high alert as the Solicitors Regulation Authority ( SRA ) warns of new threats impacting hundreds of firms . Benoit Daoust In an update , the regulator said it has experienced an increase in the number of reports of attempted cyber-crime and that some 500 firms may have been targeted in a cunning new scam . It also warned solicitors to take care that they did not fall victim to the attempted infiltration of IT systems . It said that firms were sent Attack.Phishing emails requesting their services and once they reply they are sent Attack.Phishing attachments or links – both of which could contain malware which would allow the perpetrators to obtain passwords or financial details , copy or modify data on the system , and allow hackers to get into the firm ’ s network . Other advice from the regulator includes using cloud-based computing for storing , accessing and processing information as well as keeping software up to date , using anti-virus systems and encryption on mobile devices . It also recommends that files are backed up regularly and firms should ensure at least one back-up that is not directly and regularly connected to the main systems .

“ Over the past several weeks , we have seen a combination of attack techniques . One , where an attacker impersonates a travel agency or someone inside a company . Recipients are told an email contains an airline ticket or e-ticket , ” said Asaf Cidon , vice president , content security services at Barracuda Networks . Attachments , he said , are documents rigged with malware or are designed to download it from a command and control server . Cidon said other aviation-themed phishing attacks Attack.Phishing contain links to spoofed Attack.Phishing airline sites . In these types of attacks , adversaries go to great lengths to spoof Attack.Phishing the airline ’ s site . “ It ’ s clear there is some degree of advanced reconnaissance that takes place before targeting individuals within these companies , ” Cidon said . Recent phishing campaigns Attack.Phishing , he said , are targeting logistic , shipping and manufacturing industries . Barracuda ’ s warning comes a week after the U.S. Computer Emergency Readiness Team issued an alert of similar attacks targeting airline consumers . It warned email-based phishing campaigns Attack.Phishing were attempting to obtain credentials as well . “ Systems infected through phishing campaigns act as an entry point for attackers to gain access Attack.Databreach to sensitive business or personal information , ” according to the US-CERT warning . Delta said some victims were sent Attack.Phishing emails that claimed to contain invoices or receipts inside attached documents . When asked about the warning , Delta declined to comment . More troubling to Barracuda researchers was the success rate adversaries are having with phishing campaigns Attack.Phishing it is tracking Attack.Phishing . “ Our analysis shows that for the airline phishing attack Attack.Phishing , attackers are successful over 90 percent of the time in getting employees to open airline impersonation emails , ” Cidon wrote in a research note posted Thursday . “ This is one of the highest success rates for phishing attacks Attack.Phishing ” . In June , Microsoft Malware Protection Center reported a resurgence in the use of Office document macro attacks . Researchers say crooks attempting to install malware and perpetrate credential-harvesting attacks Attack.Databreach are more likely to use social engineering to trick Attack.Phishing people into installing malware than to exploit vulnerabilities with tools such as exploit kits .

The gang behind the attacks has compromised technology service firms and plans to use them as a proxy for attacks , security firms have said . The group , dubbed APT10 , is using custom-made malware and spear phishing Attack.Phishing to gain access to target companies . The National Cyber Security Centre and cyber units at PwC and BAE Systems collaborated to identify the group . `` Operating alone , none of us would have joined the dots to uncover this new campaign of indirect attacks , '' said Richard Horne , cyber security partner at PwC . A detailed report drawn up by the three organisations reveals that the group has been active since 2014 but ramped up its attacks in late 2016 . In particular , said the report , it targeted firms who ran key IT functions on behalf of large UK companies . PwC and BAE said the group had mounted many different attacks as part of a campaign they called Operation Cloud Hopper . By targeting the suppliers of IT outsourcing , the attackers were able to stealthily gain access to the networks and systems of their true targets . Dr Adrian Nish , head of threat intelligence at BAE , said the attackers used these third parties as a `` stepping stone '' to get at the companies and organisations they were really interested in . Infiltrating supply chains gave the attackers an easy route into many different targets . `` Organisations large and small rely on these providers for management of core systems and as such they can have deep access Attack.Databreach to sensitive data , '' he said . `` It is impossible to say how many organisations might be impacted altogether at this point . '' The security organisations involved in exposing the APT10 campaign say they have seen firms in the UK , Europe and Japan being targeted by the group . The National Cyber Security Centre and the two security firms have warned known victims that they have been compromised . Spear phishing emails booby-trapped Attack.Phishing with custom-made malware were sent Attack.Phishing to key staff in IT services firms in the first stage of an attack Attack.Phishing . Once the hackers had won access Attack.Databreach they sought out Attack.Databreach intellectual property and other sensitive data . The hacking group maintained a massive network of sites and domains online to serve their various attacks and as a conduit for data they stole , said Dr Nish . Forensic analysis of the times when the attackers were most active as well as the tools and techniques they used led PwC and BAE to conclude that the group was based in China . They have not established who is behind the APT10 group or how it chooses its targets

The UK 's Foreign Office was targeted by highly motivated and well-resourced hackers over several months in 2016 . The BBC understands the government has investigated the previously unreported attack that began in April last year . The UK 's National Cyber Security Centre would not say whether data was stolen Attack.Databreach . But a source told the BBC that the most sensitive Foreign Office information is not kept on the systems targeted by the hackers . Research published on Thursday by cybersecurity firm F-Secure suggested the attack Attack.Phishing was a "spear-phishing" campaign Attack.Phishing , in which people were sent Attack.Phishing targeted emails in attempts to fool Attack.Phishing them into clicking a rogue link or handing over their username and password . To do this , the attackers created a number of web addresses designed to resemble Attack.Phishing legitimate Foreign Office websites , including those used for accessing webmail . F-Secure does not know whether the attack was successful . The company says the domains were created by hackers that it calls the Callisto Group , which it says is still active . However the UK 's National Cyber Security Centre ( NCSC ) declined to say who was behind the attack on the Foreign Office . The targeted emails that were sent out Attack.Phishing tried to fool Attack.Phishing targets into downloading malware which was first developed for law enforcement by the Italian software company Hacking Team . Hacking Team 's surveillance tools were previously exposed in a cyberattack , first reported in 2015 . There is no suggestion that Hacking Team had any involvement in the attacks . F-Secure said that the use of the software should remind governments that they `` do n't have monopolies on these [ surveillance ] technologies '' , and that once created the software can fall into the hands of hackers . The BBC has not seen evidence conclusively identifying the origin of the attack . A cybersecurity expert at another company , who wished to remain anonymous , found a link to information uncovered in the investigation of Russian efforts to influence the US election . Two of the phishing domains used by the hackers were once linked to an IP address mentioned in a US government report into Grizzly Steppe . Grizzly Steppe is the name given by the US government to efforts by `` Russian civilian and military intelligence services to compromise and exploit networks and endpoints associated with the US election '' . However , the cybersecurity expert noted that this connection between the phishing domain and Grizzly Steppe may be a coincidence , as over 300 other domains - many of them not hacking-related - were linked to the same IP address . F-Secure told the BBC that it did notice some similarity between the Callisto Group 's hacking and previous attacks that have been linked to Russia . However , it said despite some similarities in the tactics , techniques , procedures and targets of the Callisto Group , and the Russia-linked group known as APT28 , it believed the two were `` operationally '' separate . It noted that the Callisto Group was also less `` technically capable '' than APT28 .

Hawksmoor Investment Management has sought to reassure clients after it was the victim of a cyber attack earlier this week . The discretionary investment manager , which runs £711m on behalf of clients , has emailed investors to let them know it was the target of an attack on its IT systems . Phishing emails were sent Attack.Phishing out to clients on Tuesday ( 17 January ) purporting to be Attack.Phishing from the company ’ s business development manager , Jill Gill . In an email sent out today ( 19 January ) , Hawksmoor chief executive John Crowley apologised to clients , but said the IT team had quickly identified and resolved the issue . He also said the team had taken “ immediate steps ” to prevent this kind of incident from happening again . “ Hawksmoor treats confidentiality and data protection extremely seriously , and I can assure you that no client data was compromised at any stage , ” he said . Mr Crowley advised clients to delete any emails they received from Ms Gill between 3pm and 4pm on the 17 January . He also recommended that customers change their password if they opened any link on the emails . Last year , the head of cyber technology firm ZoneFox said companies should implement a framework to guard against breaches to their data security

Robotics & Automation News Market trends and business perspectives January 5 , 2017 by Mark Allinson A globally co-ordinated cyber attack has hit 500 industrial companies in 50 countries in the past few months , according to security company Kaspersky . The worst affected were companies in the smelting , electric power generation and transmission , construction , and engineering industries . The attacks Attack.Phishing take the form of emails purportedly from Attack.Phishing famous companies – such as DHL and Saudi Aramco – and most were sent Attack.Phishing from “ legitimate email addresses belonging to valid organizations ” , says Kaspersky . However , Kaspersky says its analysis of the emails compared to known malware shows that “ no new code was written specifically for this attack ” . Kaspersky says the hackers could have accessed Attack.Databreach and read previous communications between the target and their partners . They may then have used this information to craft Attack.Phishing email communications which appear to be legitimate , so that the victim didn ’ t recognize the malicious aspect of the email . If the email is opened , it can steal Attack.Databreach the user ’ s authentication credentials , which are send to a remote server .