A group of cybercriminals impersonated the company Sistemas Informáticos Abiertos (SIA) to request payment from the Institut d'Informàtica (IMI) for services rendered for the months of December 2021 and January 2022.
SIA had informed IMI that they had not received any payment since November, but had been paying into a different current account after falling for the phishing scam, which was issued via a fraudulent email detailing that payment for services needed to be switched to another bank account.
TPRM report: https://scoringcyber.rankiteo.com/company/sia-group
"id": "sia233181122",
"linkid": "sia-group",
"type": "Cyber Attack",
"date": "05/2022",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"{'affected_entities': [{'industry': 'Information Technology',
'name': "Institut d'Informàtica (IMI)",
'type': 'Organization'}],
'attack_vector': 'Email',
'description': 'A group of cybercriminals impersonated the company Sistemas '
'Informáticos Abiertos (SIA) to request payment from the '
"Institut d'Informàtica (IMI) for services rendered for the "
'months of December 2021 and January 2022. SIA had informed '
'IMI that they had not received any payment since November, '
'but had been paying into a different current account after '
'falling for the phishing scam, which was issued via a '
'fraudulent email detailing that payment for services needed '
'to be switched to another bank account.',
'initial_access_broker': {'entry_point': 'Email'},
'motivation': 'Financial Gain',
'post_incident_analysis': {'root_causes': 'Phishing email'},
'title': "Phishing Scam Targeting Institut d'Informàtica (IMI)",
'type': 'Phishing',
'vulnerability_exploited': 'Phishing'}