- The attackers gained unauthorized access to an employee’s email account to send fake invoices and other bogus documents.
- The scammers claimed that the money was required for the purchase of solar panels in health centers in Pakistan.
Save the Children Federation, a popular charity that operates across the world, admitted that it fell victim to a scam in 2017. The firm revealed that it lost $1 million to a cyberscam that involved the use of fake invoices.
About the scam
The charity firm told the Boston Globe that the attackers gained unauthorized access to an employee’s email account. The account was later used to send fake invoices and other bogus documents in order to trick the firm into sending nearly $1 million to a fraud entity in Japan.
The scammers claimed that the money they requested was required for the purchase of solar panels in health centers in Pakistan. However, the charity realized that it was a scam after the funds were transferred. It has since enhanced its security practices. The Save the Children Foundation claims that it has recovered most of the money lost in the scam - except for $112,000 - through insurance claims.
“We have improved our security measures to help ensure this does not happen again. Fortunately, through insurance, we were ultimately reimbursed for most of the funds,” Stacy Brandom, the firm’s CFO told Boston Globe.
This was not the first time that the charity fell for a scam. In another such incident, the charity firm was tricked into sending $9,210 to scammers - who gained access to one of the charity’s vendor. That money was also regained via insurance claims.