The Indian subsidiary of Tecnimont SpA, headquartered in Milan, fall prey to a fraud wherein $18.6 million (INR 130 crore) were being stolen by a group of Chinese hackers.
Tecnimont SpA is involved in a wide array of businesses like energy, chemicals, and engineering, it operates in conjunction with the publicly traded blue-chip Italian group Maire Tecnimont, which did not categorize the heist as a cyber attack but a fraud and refused to comment any further.
Referencing from the police complaints, the hackers sent emails to Tecnimont Pvt Ltd’s head via an email address that resembled that of Pierroberto Folgiero, CEO, they manipulated local managers into believing that the money was required for acquisition.
How did the hackers execute the theft?
Sources from Mumbai Police’s cybercrime unit indicated that the con gang from China organized a series of conference calls with the motive of exchanging views on a probable secretive and highly confidential acquisition in China.
During these phone conversations, various people are reported to be playing various roles varying from the group CEO, top lawyer to the senior executives of the company.
While doing so, the hackers manipulated the Indian head and made him believe that the money could not be sent from Italy because of some regulatory issues. After being convinced, he transferred the money in three transactions during a week in the month of November, dissecting the transactions a bit — $5.6 million, $9.4 million and $3.6 million.
The aforementioned are the three tranches in which the money was transferred from India to Hong Kong and was withdrawn within a few minutes of the transfer. Immediately after, the hackers attempted the fourth transaction but fortunately, the fraud had been identified by then and it finally was unveiled during company chairman Franco Ghiringhelli’s visit to India in December. The accounts into which the money was sent were opened via fake documents.
According to ET, the matter is being taken up for investigation by a Mumbai-based law firm and a Manhattan-based security firm ‘Kroll’. Meanwhile, assisting efforts are being made by MZM, a white-collar crime and dispute resolution law firm in India.
Referenced from the remarks made by Zulfiquar Memon, managing partner of MZM Legal, “This is a very serious case of electronic fraud by a very highly skilled group of international criminals working with high-end technology,”
“We are working with the Mumbai Cyber Cell to investigate the matter and get to the bottom of this.”
Sourced from the statements given by Dhruv Phophalia, managing director, Alvarez & Marsal India, “In addition to masking email addresses, hackers in the past have used malware to penetrate and monitor email communications,”
“This enables them to gather information, learn writing styles and language used by a user in email communications and replicate them in the spoofed emails.”