https://www.channelfutures.com/wp-content/themes/channelfutures_child/assets/images/logo/footer-new-logo.png
  • Home
  • Technologies
    • Back
    • Analytics
    • Artificial Intelligence
    • Cloud
    • Data Centers
    • Desktop
    • IoT
    • Mobility
    • Networking
    • Open Source
    • RMM/PSA
    • Security
    • Virtualization
    • Voice/Connectivity
  • Strategy
    • Back
    • Best Practices
    • Business Models
    • Channel 101
    • Channel Programs
    • Channel Research
    • Digital Transformation
    • Diversity & Inclusion
    • Leadership
    • Mergers and Acquisitions
    • Sales & Marketing
    • Specialty Practices
  • MSSP Insider
    • Back
    • Business of Security
    • Cloud and Edge
    • Endpoint
    • Network
    • People and Careers
    • Training and Policies
  • MSP 501
    • Back
    • 2020 MSP 501 Rankings
    • 2020 Hot 101 Rankings
    • 2020 MSP 501 Report
  • Intelligence
    • Back
    • Our Sponsors
    • From the Industry
    • Content Resources
    • COVID-19 Partner Help
    • Galleries
    • Podcasts
    • Reports
    • Videos
    • Webinars
    • White Papers
  • EMEA
  • Awards
    • Back
    • Excellence in Digital Services
    • 2020 MSP 501
    • Top Gun 51
  • Events
    • Back
    • CP Conference & Expo
    • Channel Partners Evolution
    • Channel Evolution Europe
    • Channel Partners Event Coverage
    • Webinars
  • Channel Mentor
    • Back
    • Channel Market Intelligence
    • Channel Educational Series
Channel Futures
  • NEWSLETTER
  • Home
  • Technologies
    • Back
    • Analytics
    • Artificial Intelligence
    • Cloud
    • Data Centers
    • Desktop
    • IoT
    • Mobility
    • Networking
    • Open Source
    • RMM/PSA
    • Security
    • Virtualization
    • Voice/Connectivity
  • Strategy
    • Back
    • Best Practices
    • Business Models
    • Channel 101
    • Channel Programs
    • Channel Research
    • Digital Transformation
    • Diversity & Inclusion
    • Leadership
    • Mergers and Acquisitions
    • Sales & Marketing
    • Specialty Practices
  • MSSP Insider
    • Back
    • Business of Security
    • Cloud and Edge
    • Endpoint
    • Network
    • People and Careers
    • Training and Policies
  • MSP 501
    • Back
    • 2020 MSP 501 Rankings
    • 2020 Hot 101 Rankings
    • 2020 MSP 501 Report
  • Intelligence
    • Back
    • Our Sponsors
    • From the Industry
    • Content Resources
    • COVID-19 Partner Help
    • Galleries
    • Podcasts
    • Reports
    • Videos
    • Webinars
    • White Papers
  • EMEA
  • Awards
    • Back
    • Excellence in Digital Services
    • 2020 MSP 501
    • Top Gun 51
  • Events
    • Back
    • CP Conference & Expo
    • Channel Partners Evolution
    • Channel Evolution Europe
    • Channel Partners Event Coverage
    • Webinars
  • Channel Mentor
    • Back
    • Channel Market Intelligence
    • Channel Educational Series
    • Newsletter
  • REGISTER
  • MSPs
  • VARs / SIs
  • Digital Service Providers
  • Cloud Service Providers
  • CHANNEL PARTNERS ONLINE
 Channel Futures

Security


Shutterstock

Phishing

Customer Loses $1.7 Million in Phishing Scam, Sues MSP

  • Written by James Anderson
  • January 24, 2020
The perpetrator infiltrated an internal email to pose as the business owner.

An Ohio company that fell prey to a $1.7 million phishing scam is suing its managed services provider.

Boardman Molded Products this week filed a lawsuit against Involta, which it says “failed to protect Boardman’s bottom line” with respect to a breach that took place two years ago. Threat actors gained access to an internal email account and sent six invoices to Boardman’s accounting team over the course of nine days.

The losses totaled $1,759,415, according to a police report .

Now Boardman is suing Involta for breach of service order, and professional negligence and malpractice. It claimed in its lawsuit filing that the MSP didn’t provide the necessary service or training required to stop the crime.

“Boardman relied upon the representations of Involta and accepted Involta’s offer to let Boardman’s IT staff focus on innovation and business-oriented tasks, while Involta was to protect Boardman’s bottom line with secure, highly-available services hosted in Involta’s enterprise-class facilities,” Boardman’s filing said.

Boardman is seeking more than $25,000, plus legal fees.

Involta claimed that the customer’s security policies “were too relaxed,” according to the lawsuit.

Boardman employees didn’t notice a problem with the invoices, as they came from the business owner’s email address and used his normal invoice template. The attackers were using the owner’s Outlook account; he’s owned the business since 1978. The accounting team authorized their bank to wire money to companies in Hong Kong and Cambodia, according to The Business Journal.

The plastic fabrication company and Involta in April 2017 signed a three-year contract totaling $10,995 in monthly recurring charges. Boardman informed Involta that it is terminating the contract.

The company reported the fraudulent invoices to the police on Jan. 25, 2018, and the FBI joined the search for the perpetrators. Boardman’s lawsuit claims that Involta listed the incident as medium priority when Boardman issued a service ticket.

“The day after the incident was first reported, Involta insisted that the breach had never taken place and accordingly closed the ticket,” the filing said.

Involta is an Iowa-based IT service provider that in 2015 acquired DRS, an Ohio-based MSP and consulting firm. A 2018 acquisition of another Ohio-based MSP brought its employee count up to 250. It operates more than a dozen data centers across the Midwest and Arizona.

Neither Boardman nor Involta responded to requests for comment.

You can read a copy of the lawsuit filing, which contains the original service contract and a rundown of Boardman’s complaints.

Boards of directors are concerned about #cybersecurity, too. Prepare for their questions with this article from @Gartner_inc https://t.co/AJexnDeGmq

— Involta LLC (@InvoltaLLC) January 23, 2020

Recent studies have shown that phishing attacks are a top fear for businesses, and cybercriminals seem to view phishing as a rising opportunity. Attackers last summer used this method to strike a prominent channel-focused vendor and attempt to infiltrate other members of the agent community. An AT&T Cybersecurity study found that 29% of businesses view phishing as their most concerning threat.

“One of the reasons they’re so profitable is, unfortunately, us. Human nature,” ProServeIT Corp‘s Marc Mendez wrote in a blog. “Threaten to freeze our accounts and we stop thinking rationally. Offer a bit of flattery and we’re likely to not perceive a threat. Threaten jail time, we panic. These are quite legitimate human vulnerabilities that threat actors prey upon to get us to abandon better judgment and click what they want us to click.”

ID Agent recently recommended two questions employees should ask to help spot nefarious email activity.

Tags: MSPs Business Models Data Centers Security Technologies

Related


  • Security Operations Center SOC
    Kaseya Buying RocketCyber to Improve MSPs' Security Capabilities
    This acquisition "catapults" Kaseya even further ahead of its competition, the company's CEO said.
  • The words Helpful Tips inside a box next to a cartoon megaphone.
    From Salesperson to Trusted Adviser: 3 Tips for Mastering Consultative IT Sales
    Adapt sales techniques to thrive in today's changed landscape.
  • New Hire
    Cybereason Hires Check Point, Fortinet Channel Leaders in North America Expansion
    The channel leaders will expand Cybereason's endpoint business.
  • Businessman stepping up ladder
    Andy Jassy of AWS Is Movin' On Up: Partners React
    Find out what some of your peers and suppliers have to say about Jassy becoming Amazon CEO.

Leave a comment Cancel reply

-or-

Log in with your Channel Futures account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

Related Content

  • Microsoft Conclusion on SolarWinds Hack 'Conflicts' with Other Messages
  • Vendors: How Do You Measure a Partner Relationship?
  • Black History Month: Celebrating Tech Pioneers
  • The Top IT Challenges Executives Will Face in 2021

Galleries

View all

Channel Partners Virtual 2021 Is the Hottest Ticket in Town

February 26, 2021

Industry Perspectives

View all

The “Roaring 20s” Are Coming

February 25, 2021

Three Ways MSPs Can Improve Supply Chain Security

February 24, 2021

SASE: The Key to Mitigating Business Transformation Risk

February 22, 2021

Webinars

View all

A Partner’s Perspective on Channel Success in 2021

March 17, 2021

XDR and Why it Matters to MSPs

March 24, 2021

Top Security Trends Impacting Technology Security Providers In 2021

March 25, 2021

White Papers

View all

Ready To Add Cutting Edge IoT Solutions To Your Portfolio?

  • 1
February 25, 2021

What Is The Value Of Distribution For The Internet Of Things?

February 25, 2021

The Internet of Things (IoT): Where do You Begin?

  • 1
February 25, 2021

Upcoming Events

View all

Channel Partners Virtual

March 2, 2021 - March 4, 2021

Channel Partners Conference & Expo

November 1, 2021 - November 4, 2021

Videos and Fastchats

View all

FASTCHAT: How SOAR Eliminates Security Challenges and Elevates Service Provider Revenues

January 6, 2021

Happy Holidays from Channel Partners & Channel Futures!

December 21, 2020

FASTCHAT: How Old, Unpatched Technologies Are Creating New Security Threats for MSPs and Their Customers

December 3, 2020

Twitter

ChannelFutures

Amazon WorkSpaces @awscloud DaaS client will be available on @IGEL_Technology virtual endpoint client OS.… twitter.com/i/web/status/1…

February 26, 2021
ChannelFutures

.@VMware cutting more workers in California as part of ongoing #workforcerebalancing. #layoffs… twitter.com/i/web/status/1…

February 26, 2021
ChannelFutures

#CPVirtual is March 2-4. It’s the hottest ticket in town — any town, since it’s 100% online — so make sure you have… twitter.com/i/web/status/1…

February 26, 2021
ChannelFutures

.@datto, @ThreatLocker partner to streamline #MSP secure business operations. dlvr.it/RtYvJK https://t.co/nKGnwbblNO

February 26, 2021
ChannelFutures

Infographic: Why Partner with Sierra Wireless and GetWireless? dlvr.it/RtYh1m https://t.co/KcBFzXIx7l

February 26, 2021
ChannelFutures

Infographic: The Sierra Wireless Essential Series dlvr.it/RtYgxv https://t.co/CatxbRHzXr

February 26, 2021
ChannelFutures

#Threatprotection is no small matter for #MSSPs. Find out what vendors say you have to do this year to protect your… twitter.com/i/web/status/1…

February 26, 2021
ChannelFutures

Cloud strategies and cybersecurity are key, and #COVID19 will have more impact than #Brexit on U.K. channel, says… twitter.com/i/web/status/1…

February 26, 2021

MSSP Insider

Newsletters and Updates

Sign up for The Channel Report, Channel Futures Update, MSP 501 Newsletter and more.

Live Channel Events

Get the latest information on the next industry-leading Channel Partners event.

Channel Partners Online

Want more? Find more channel news and analysis on our sister site, Channel Partners.

Media Kit And Advertising

Want to reach our audience? Access our media kit

DISCOVER MORE FROM INFORMA TECH

  • Channel Partners Online
  • Channel Partners Events
  • MSP 501
  • MSSP Insider
  • IoT World Today
  • Webhostingtalk

WORKING WITH US

  • Contact
  • About us
  • Advertise
  • Newsletter

FOLLOW Channel Futures ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookie Policy
  • Terms
Copyright © 2021 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X