Small clinic affected by business email compromise

May 7, 2024

In March 2023, a small clinic in Southeast Asia fell victim to a Business Email Compromise (BEC) attack, which had severe repercussions on the clinic’s operations and finances.

In March 2023, a small clinic in southeast Asia experienced a damaging Business Email Compromise (BEC) attack, illustrating the far-reaching consequences of such an incident even for modest-sized businesses. The attackers meticulously researched and targeted clinic staff, utilising phishing emails to deceive employees into clicking on malicious links or downloading infected attachments. Through a successful phishing attempt, the attackers gained unauthorised access to an employee's email account. This allowed them to send fraudulent emails to clients, posing as clinic staff and redirecting payments to the attackers' accounts.

Upon discovering the breach, the clinic's response included attempting to delete the compromised account and seeking assistance from their IT contractor and, when it became clear more specialist support was needed, Blackpanda. Unfortunately, at that point the attackers' tactics had already led to several clients transferring them funds, resulting in a substantial loss.

The financial impact extended beyond the monetary loss, as it included incident response and recovery costs. The BEC attack also inflicted significant reputational damage, highlighting email security vulnerabilities and raising concerns about safeguarding patient information. 

Download the full case study below.

Sign Up to Our Newsletter

Our weekly Asia Cyber Summary is a snappy, non-technical overview of regional cybersecurity news that helps you stay informed. Test it today, you can always unsubscribe.