Our client is a construction business based in the UK. Having grown through acquisitions over recent years, it has experienced strain on its systems, processes and technology as new businesses were integrated.

The challenge

Our client experienced a sophisticated invoice fraud. Its finance function was compromised as a result of a phishing email being opened and activated by an employee. Cyber criminals changed the payee details for a large supplier on our client’s finance system.

Multiple invoices set up to look like they were from this supplier were sent to a employee in the finance function. The invoice frequency, amounts requested and detail included followed an expected pattern of behaviour for the supplier. Our client paid these invoices and it was only after being chased for payment from the actual supplier that it was alerted to the fraudulent activity.

The amount paid out was in excess of £1.3 million. Our client recovered some of the monies paid out via banks but not the full amount.

Our solution

We undertook a diagnostic exercise with our client to understand its current cyber security posture. This enabled us to prioritise areas where the client may want to focus resource going forward.

The fraud may have been prevented through activities such as regular training and awareness for all staff, and supply chain monitoring (working with suppliers to understand their cyber risk exposure). Our client wanted to understand how it could mitigate against such an occurrence in the future.

The outcome

Our client is currently considering a cyber programme of activity in order to strengthen its defences and achieve the cyber security standard, Cyber Essentials Plus. A training and awareness programme and supply chain monitoring now form part of its ongoing cyber action plans.

About our team

We are a specialist team of cyber intelligence and security experts, offering a range of services for clients, including provision of threat intelligence, cyber assessments, vulnerability scanning, security consultation and design, as well as bespoke cyber training and awareness for all levels in an organisation.

James Arthur

James Arthur