Phishing attack leaves Tecnimont USD5 million out of pocket

The High Court last year rejected a claim by Tecnimont's Saudi subsidiary against NatWest after a fraudster diverted a USD 5 million payment by Tecnimont destined for an Italian Tecnimont subsidiary to a NatWest account in the UK using a phishing attack.

This case emphasises the importance of cyber-resilience and the proper training of employees to guard against phishing attacks and follow the proper procedures when effecting payments. The primary reason for Tecnimont's loss was because the fraudster was able to gain access to its email systems after the Finance Director of its Italian entity fell victim to a phishing email. Whilst Tecnimont was set up to detect and prevent potentially fraudulent payments, namely by having such payments authorised by tokens held by 2 individuals, in fact both tokens were held by a single individual who sent the instruction for the payment to be made without seeking proper authorisation.

Improving cyber-resilience can include the roll-out of multi-factor authentication; "Phish testing"; and real life cyber "war gaming" with legal and forensic specialists to stress test resiliency before an incident arises. As a firm, we have experience in advising on methods to ensure cyber-resilience and offer an experienced team of legal experts to respond quickly in the face of data or cyber-attacks to give you a strategic, controlled response. Visit Data Security Disputes and Cyber to learn more.

For more information regarding the Tecnimont judgment, see our article here.