Belgian conglomerate Eloy, who specialises in water treatment and public building works, has been scammed for over €500,000 after falling victim to a phishing scam, according to regional newspaper La Meuse.
At the end of last year, the Walloon company received an email that claimed to be from Dauoust Interim, a company that supplies temporary workers to Eloy. The email asked for the latest salary payments to be made to a new account number. In reality, the email never came from Daoust but was sent by an unknown group of scammers.
For several weeks, Eloy sent repeated payments to the fraudulent account. In total, these amounted to nearly €510,000 before the company realised its mistake.
The scam highlights basic shortcomings in security protocol at Eloy. The fraudulent email was not sent from the real email address of Daoust, and according to La Meuse, even the style of the email was not correct and contained mistakes.
Phishing scams are simple in nature but have significant, and often very costly, consequences.
In 2013-2015, a Lithuanian hacker impersonating Taiwan-based tech company Quanta Computer sent an elaborate fake invoice to U.S tech giants Facebook and Google. The mistake set back the two companies €90.6 million.
To avoid phishing scams, companies and ordinary people should carefully examine the sender address of incoming emails, avoid clicking on links from unknown sources, and use email software to automatically detect and delete phishing emails.