Scammers steal $10 million from Norway’s state investment fund
Norfund, Norway’s state investment fund, has reportedly been the victim of a cyberattack in which cybercriminals stole $10 million from the organization. The fraudsters launched the attack by running business email compromise (BEC) scams, eventually obtaining access to the email system. This allowed the attackers to monitor communication between Norfund employees and partners and to assess who was responsible for money transfers.
According to the organization, the scammers likely spent several months observing all internal emails and becoming familiar with the process and system. The threat actors created a Norfund email address that impersonated an individual authorized to wire large sums of money through the bank Norfund uses for its operations. The attackers then falsified the payment information to redirect the transfer into accounts they controlled in a different country.