Skip to main content

Malicious Emails Lead to Biggest Bank Robbery Ever

By February 25, 2015October 21st, 2021Blog

If you’re running a group of bank robbers and you want to pull off the heist of the century, what’s your go-to tool to get access to the money? An arsenal of guns or a pile of explosives? Nah, criminals have a weapon a lot more powerful than those: emails.

Gun and bombs might let you get your hands on some money, but an email is a lot sneakier and gives you access to many millions more. Don’t believe us? Hackers just pulled off a heist of as much as $900 million using virus-infected emails as their weapon of choice.

The damage done

According to this article in the New York Times, hackers stole between $300 million and $900 million dollars from over 100 banks in over 30 countries. They were sneaky about it. They stole money in different ways. Sometimes they would instruct an ATM to start spitting out cash as an accomplice walked by. Other times they’d transfer money from the bank into an account, and then quickly from that account into a new account owned by the hackers.

They carefully planned their actions so that if any were noticed, the actions would look like an error or normal business actions taken by bank employees.

How they pulled it off

Stealing 900 million dollars might sound like a story fit for the movie theater, but rest assured this heist wouldn’t have made a great movie. To gain access to the banks, the hackers used virus-infected emails. Once one person in a bank clicked an infected email, the virus would quickly spread, giving cyber-criminals total access to the bank’s operations. They would collect data about transactions as well as images and video from the bank to learn how the bank did business, lurking for months before finally stealing any money.

What it means for you

What if this happened to you? One part of cybercrime that makes it so scary is that you might not know you’re a victim until long after the crime has been committed and your money stolen. To prevent physical attacks, you can add armed guards or thicker, blast-proof walls, but preventing a cyber attack can be more complicated because it’s difficult to tell how protected you really are.

Email security needs to be a centerpiece of your cyber security strategy. Think of your organizations’ email accounts like your front door. A lot goes in and out of them, but it’s important to only let in what is supposed to get in.

But what if you closed the front door of your organization so some people could never make it in, even if they were supposed to be able to enter? Believe it or not, this happens to many organization’s email systems. Email security tools that employ “content filtering” – which is almost all of them – end up preventing most malicious emails from entering at the price of also stopping legitimate emails, too.

Here’s where Sendio enters the picture: Think of Sendio like your organization’s cyber bouncer. We’re standing at the door to make sure only reputable characters can make it into your organization’s inboxes. You won’t get any malicious emails, but you’ll never miss another legitimate email again. We can do this because we filter differently. Instead of filtering emails based on the content they include, we filter by contact. We consider who sends the email, not just what is in the email. Why doesn’t everyone do it that way? Beats us.

Want to learn more about contact filtering and how it can help keep your inbox clean of attacks from cyber criminals? Call (949) 274-4375 or fill out this form to schedule a demo.