The Estonian Information System Authority (RIA) registered 251 cyber incidents during January, more or less the same as the average for the previous year. The authority also said that a new type of financial fraud is spreading, in which criminals target the customer base of large companies with fake invoices.
Last month, RIA received information about three financial fraud attempts involving fake invoices. A number of fake invoices, seemingly sent on behalf of companies in the Estonian construction, medical and logistics sectors, went out to cooperation partners and customers and contained requests for transfers to the fraudsters' bank accounts. On two occasions, a domain similar to the name of the company had been registered, while on the third occasion, the fraudsters took advantage of the fact that the company's own e-mail domain had not been sufficiently protected against misuse, RIA said.
"This is a newer scam that could cause significant financial loss in the future, as it may target the entire customer base of some companies," Tonu Tammer, head of the RIA department responsible for the management of security incidents, said.
"RIA has issued guidelines to the public sector on how to make email exchanges more secure by using properly configured Sender Policy Framework (SPF), DomainKeys Identified Mail (DKIM), and Domain-based Message Authentication, Reporting and Conformance (DMARC) protocols to prevent misuse. This guide is also suitable for companies," Tammer added.
Criminals also continue to try to make easy money through ransomware attacks. In January, RIA was made aware of six incidents in which a corporate or private computer was infected with ransomware that encrypts data. In one case, the ransomware attack halted the operation of an industrial company for 36 hours; the company itself estimated its economic loss at €17,000.
Editor: Helen Wright