Three British private equity firms were tricked into making wire transfers worth a total £1.1 million (around $1.3 million) following a sustained attack by cybercriminals, according to a newly released investigation by Israeli cybersecurity company Check Point. News of the attack comes at a time when cybercriminals are ramping up efforts to rip off private fund managers, and investors are working to fend them off.

Check Point found that a hacker dubbed The Florentine Banker had targeted the three unnamed firms for several months in a phishing attack, using bogus emails and registering look-alike domains. Four attempts were made in December to wire £1.1 million to fraudulent bank accounts in Hong Kong and the UK. An emergency intervention salvaged £570,000; the rest of the money was permanently lost.

Many criminal groups are focusing their efforts on financial organizations by manipulating transactions, typically via a phishing email, according to Richard Horne, a cybersecurity-focused partner at PwC. "They try to lure someone in to clicking on a link that lets them download some malicious code onto their laptop, or they trick someone into entering usernames and passwords that allow the attacker to log on," he explained.

Check Point said The Florentine Banker, for example, typically targets senior executives or those in charge of money transactions. In this recent attack, the first phishing emails targeted just two staff members, one of which one gave their credentials to the attacker. The attacks then continued for weeks, using different methods as new people were added to a list of targets, giving attackers a clearer financial picture of the company.

"Private equity and venture capital [firms] have become a lucrative target for [business email compromise] operations," Check Point incident response analyst Matan Ben David wrote in his report. Ben David explained that VC firms' involvement in large money transfers "makes them the perfect target to introduce new and fraudulent transactions."

The attack bears similarities to another incident documented by Check Point last year in which a Chinese VC was tricked into transferring $1 million to scammers. The firm thought it was sending seed capital to an Israeli startup. The con was only uncovered when the startup said the funds had not arrived. Ben David noted that The Florentine Banker has sharpened its techniques from multiple attacks over several years of activity, nimbly adapting to new situations.

It is no surprise that cybersecurity is a priority for many managers. A survey carried out by PwC in 2018 revealed that 41% of investors and analysts were concerned about cyber threats, placing it first as the largest business threat, up from fifth place the previous year.

"Organizations are getting more effective over time at either stopping cyber breaches or detecting them quickly enough to be able to contain them," said PwC's Horne. "But that just causes the attackers to innovate and they have the means to do so. They have funds and they have smart people."

Featured image via Peter Cade/Stone/Getty Images

Related content