1. Compose a summary of the case. Include how the fraud was perpetrated, the characteristics of the perpetrator(s) who committed the fraud, the role the auditor(s) had in the case, and the direct and indirect effects the incident had on the organization’s stakeholders (customers, vendors, employees, executive committee, and board of directors).
Comerica is being sued by Experi- Metal’s for a $560,000 phishing attack to their bank account. Experi- Metal, a custom auto- parts maker, was hit by phishing criminals in January 2009. The fraud was perpetrated when the bank’s vice president received a phishing email telling him to fill out online paperwork to perform scheduled maintenance. The e-mail appeared to have been sent from the bank. The email was sent from phishing criminals) Once the president sent over his credentials the attack was started. Experi- Metal accused Comerica of failing to take immediate action that could have eliminated some of the loss.
The bank processed over a million dollars in wires from the companies account. The attack was done in a matter of hours. Criminals tried to move millions of dollars to an Eastern Europe account. Comerica learned of the attack within four hours of the fraud. J.P. Morgan Chase contacted Comerica to report suspicious activity in the account. The criminals were funding money into the Chase Accounts to move it overseas to Russia and Estonia. Comerica shut down the scam but it was after the business lost money. Comerica shut down the account but still processed 15 wires after finding out about the scam. Comerica filed suit against the bank for the phishing attack and to try to recoup some of the money that was paid out through the phishing attack.
The characteristics of the perpetrator are usually people from abroad and the emails have spelling errors. The attacks come from abroad and the emails will contain misspelled and transposed letters. The attackers send out thousands of emails trying to...
Please join StudyMode to read the full document