Conde Nast Sent $8 Million To A Scammer After A Single Email
from the financial-controls? dept
Apparently it's not that hard to scam a big company out of millions of dollars these days. You can just send a single email, pretending to be from a vendor of that company. That's apparently what a guy named Andy Surface discovered when he set up a bank account for an operation he called "Quad Graph," likely designed to be similar to Quad/Graphics, the giant printing company that prints many big name magazines. He then sent a single email to magazine giant Conde Nast, leading the magazine company to send that new account $8 million:In early November, Conde Nast received an "Electronic Payment Authorization” form by email at its offices in ... New York. The form appeared to have been sent by Quad/Graphics. The form requested that Conde Nast direct payments for Quad Graphics to the Quad Graph Account, and provided account information. Conde Nast filled out the form and returned it by facsimile from its offices in ... New York to the facsimile number provided in the form. Following Conde Nast's receipt of the "Electronic Payment Authorization" form, Conde Nast started making payments for Quad/Graphics bills by ACH transfer from a Conde Nast account with JPMorgan Chase Bank in New York to the Quad Graph Account.The whole thing was discovered when the actual printer noticed that it was no longer getting paid and asked Conde Nast what was up. Conde Nast went to the feds, who arrested the guy and amazingly discovered that all $8 million was still sitting in the bank account.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: electronic payments, email, scams
Companies: conde nast
Reader Comments
Subscribe: RSS
View by: Time | Thread
Also if he didn't spend any of it maybe it won't be SO bad for him... Still real bad though.
[ link to this | view in chronology ]
Wait...
If so... This just became x10 funnier if computer nerds got duped by a scammer...
[ link to this | view in chronology ]
Re: Wait...
http://en.wikipedia.org/wiki/Cond%C3%A9_Nast_Publications
[ link to this | view in chronology ]
Re: Wait...
Although they obviously should.
[ link to this | view in chronology ]
Re: Wait...
[ link to this | view in chronology ]
Re: Wait...
http://www.wired.com/threatlevel/2011/04/condenast-hooked-by-spear-phisher/?utm_source=feedburner& amp;utm_medium=feed&utm_campaign=Feed%3A+wired%2Findex+%28Wired%3A+Index+3+%28Top+Stories+2%29%2 9
[ link to this | view in chronology ]
Re: Re: Wait...
[ link to this | view in chronology ]
[ link to this | view in chronology ]
This "Electronic Payment Authorization Form"
[ link to this | view in chronology ]
Perfect opportunity missed
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Irony?
[ link to this | view in chronology ]
Re: Irony?
Which of course brings up the question of what exactly are you seeing in your ads? Have you been to bad places on the 'net? Maybe they just go you pegged. :)
[ link to this | view in chronology ]
Re: Re: Irony?
I always ask myself what ads? what buttons? where?
[ link to this | view in chronology ]
Re: Re: Re: Irony?
[ link to this | view in chronology ]
Re: Re: Re: Re: Irony?
That said, I'd have no need for adblock if the people that ran the ads would take the time to make sure they are good. Even with all the profiling and such on the web, I'd still say less than 1% of ads appeal to me; having them load is a complete waste of time over 99% of the time.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Irony?
[ link to this | view in chronology ]
Re: Re: Re: Irony?
[ link to this | view in chronology ]
Re: Re: Irony?
[ link to this | view in chronology ]
Re: Re: Re: Irony?
Back to topic, it is of my opinion that this is one example of why companies should not outsource spam filtering. There is just no 3rd party out there that can guarantee that every legit email is sent, and every non-legit email is filtered.
Granted, mistakes can happen in house, but at our company, we are running, at most, a rate of 1-2 spam per month that actually make it to the end users inbox, and emails like this one would be caught, questioned, and actual phone calls made before any paperwork is filled out.
Sometimes, there is just no substitute for "hey...wtf is THAT?!?!"
[ link to this | view in chronology ]
Re: Irony?
There are ads on the Internet?
What is this? 1998?
[ link to this | view in chronology ]
Re: Re: Irony?
[ link to this | view in chronology ]
Re: Re: Irony?
[ link to this | view in chronology ]
Re: Re: Re: Irony?
[ link to this | view in chronology ]
Re: Re: Re: Irony?
Typical copyright supporter. We need to get rid of these people.
[ link to this | view in chronology ]
Re: Re: Re: Irony?
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Too much
[ link to this | view in chronology ]