A real estate development company in Limassol was scammed out of €93,187, philenews reported on Tuesday.
In May, the developer ordered marble and granite online worth €93,187 from a company based in Spain.
A month later, the owner of the Limassol company received an email from someone posing as a representative of the Spanish company who requested a wire transfer of €93,187 to complete the order.
According to philenews, after the transfer, the owner of the Limassol company found out that the bank account did not belong to the Spanish company and reported the incident to the police.
The Cyber Crime Unit is investigating the case.
Police released an announcement informing the public about the scam which is named “Man-in-the-middle-fraud.”
A “man-in-the-middle-fraud” is an attack where the attacker secretly relays and possibly alters the communications between two parties who believe they are directly communicating with each other.
BREAKING DOWN Man-In-The-Middle Fraud
You could become a victim of man-in-the-middle fraud if a criminal “eavesdrops” on your login credentials when you log in to your bank account through an unsecured wireless network. You’ll have no idea that anything unusual is happening. Later, with your login name and password, the thief can clean out your bank account.
Fake WiFi Networks
Criminals can also set up fake public WiFi networks that innocent users then log onto and send data over. The criminal has access to all the information that the users send over that network and can steal any valuable data. A criminal could also conduct a man-in-the-middle attack by setting up a fake website that pretends to be a legitimate website, then stealing consumers’ information when they try to use the fake website. Yet another strategy involves intercepting emails between two parties and creating spoofed emails that cause those parties to provide sensitive data to the man in the middle.
Fraudwatch International recommends “that you use strong mutual authentication between the client and the server. For instance: the server authenticates the client’s request by presenting a digital certificate, and only then can a connection be established. Another method for preventing a MITM attack is never to connect to open Wi-Fi routers directly. If you need to do this, you should use a browser plug-in, such as HTTPS Everywhere or ForceTLS. These plugins will help you establish a secure connection whenever the option is available.”
You can avoid man-in-the-middle attacks by:
- not clicking on links in emails.
- making sure the address of the financial institution’s website you’re visiting starts with https, not just http.
- changing your home Internet password from the default one the Internet service provider issued you.
- not using public WiFi on your phone, tablet or computer to check your email, your bank account balance, your credit card account, or any other site that contains or requires your personal data.
- using Internet security software.