This week:
3 – An unplanned write-off by Ireland’s debt management agency
2 – AI means any phone call could be a scam call
1 – You may be delighted to be included in this data breach
3 – An unplanned write-off by Ireland’s debt management agency
“State’s debt management agency loses €5m in phishing attack”
Source: Irish Examiner
What’s the story?
Ireland’s National Treasury Management Agency (NTMA), managing Ireland Strategic Investment Fund (ISIF) worth €17 billion, was duped into sending €5 million to a fraudster.
The scam involved a phishing email, disguised as a legitimate capital call, which fooled staff into transferring the money to the fraudster.
So what?
It’s a reminder of why security is not just about your technology.
It’s also about your people, processes, and protocols.
2 – AI means any phone call could be a scam call
“A Florida woman says she was conned out of $15,000 by a scammer who used artificial intelligence to replicate her daughter’s voice.”
Source: Independent
What’s the story?
A mother recently received a call from her distressed daughter. Her daughter told her she had been texting while driving and had collided with a heavily-pregnant woman. A man then came on the call, claiming to be her daughter’s lawyer, and said they needed $15,000 in cash to pay her bail. The mother withdrew the money from her bank account and gave it to the driver sent over to her home by the lawyer.
She only realised this was all a scam when her daughter sent her a text message during her lunch break.
The scammers used technology to make it look like the phone call was coming from her daughter’s phone number and they used AI to replicate the sound of her daughter’s voice.
Even now, the mother is adamant that no-one could convince her that the voice she heard on the phone that day was AI-generated.
So what?
We cannot trust that a caller is the person they say they are.
If possible, hang up and call them back.
If that’s not possible, ask them something that only they could possibly know.
1 – You may be delighted to be included in this data breach
“Luxury fashion giant Louis Vuitton confirmed that breaches impacting customers in the UK, South Korea, and Turkey stem from the same security incident”
Source: Bleeping Computer
What’s the story?
The luxury fashion company, Louis Vuitton, has confirmed that a single cyberattack has compromised customer data across several regions, including the UK, South Korea, Turkey, Italy, and Sweden. Exposed information includes names, contact details, and purchase history, though payment data remained secure.
Apparently, the breach occurred when attackers gained access to a third-party vendor’s database.
So what?
If you’ve ever chosen to spend your money on genuine Louis Vuitton’s products, you may be delighted to know that the world now knows your stuff is genuine!