Phishing is still effective.
The Associated Press agency is reporting a large-scale "cash register leap", which the government of Puerto Rico fell victim. The non-integrated US territory has been the victim of criminals who they successfully extorted $ 2.6 million (about usd 10 million). A simple method of impersonating another person via email was sufficient. Rubén Rivera, financial director of one of the local government agencies, confirmed to the local police that the money was transferred to the cybercriminal's account.
Rivera explained that the funds were transferred on January 17 in response to a message saying that the bank account had been allegedly changed in connection with the payment of one of the outstanding payments. Agency representatives realized that they had fallen victim to fraud only this week, when they also informed the FBI about the case.
Manuel Laboy, one of the agency's executive directors, refused to report how officials found out about the fraud, whether anyone had been dismissed, and how the missing funds had affected the agency's operations. He only said that an internal investigation is being conducted to determine if anyone was neglected or did not follow the standard procedure, adding that government officials are trying to recover money.
It would seem that phishing is something that is getting scarce in fewer people. Meanwhile, Proofpoint has reported that as much as 65% of US organizations were victims of phishing at least once last year. Mostly this was associated with data loss or ransomware infection. 35% of companies lost money as a result of phishing.