How Hackers Emptied Church Coffers with a Simple Phishing Scam

Sam Bocetta reports:

The approach was simple, a combination email scam and social engineering phone call. All it took was a call to St. Ambrose Catholic Parish, claiming to be Marous Brothers Construction, a company working on a church renovation project for the past two months. But the phone call wasn’t from Marous Brothers Construction. The scammers told the church that payments were late.

A statement from the Saint Ambrose Catholic Parish’s Father Bob Stec said:

On Wednesday, Marous Brothers [construction] called inquiring as to why we had not paid our monthly payment on the project for the past two months totaling approximately $1,750,000. This was shocking news to us, as we have been very prompt on our payments every month and have received all the appropriate confirmations from the bank that the wire transfers of money to Marous were executed/confirmed.

Read more on Dark Reading.

About the author: Dissent