September 21, 2016 by

Wall Street Technology Firm Sued for Losing $6 Million in Phishing Email Scam

Tillage, a commodities investor is suing big Wall Street firm SS&C technologies for falling for a routine phishing scam that saw $6 million siphoned from Tillage’s Commodities Fund.

Major Wall Street software firm SS&C Technologies, a $6 billion market capitalization firm that calls itself the “most comprehensive powerhouse of software technology in the financial services industry”, is being sued. The lawsuit, filed by lawyers for Tillage sees the commodities investor lose $6 million, forcing it to close its fund temporarily.

An excerpt from the filed lawsuit says that SS&C staff failed to “exercise even a modicum of care and responsibility in connection with known and obvious cybersecurity threats,” as reported by CNBC.

Tillage alleges that an SS&C employee broke protocol after transferring funds to accounts controlled by Chinese hackers, after receiving an email asking him to release the funds.

The wire transfer occurred several times, including the largest one that saw $3 million transferred in a single transaction. In this particular request, the email reportedly stated nothing more than: “How was your weekend? Let’s round business up today.”

Furthermore, the suit also points to one SS&C staffer who frequently released Tillage’s funds “merely minutes” after receiving the fraudulent emails with wire transfer requests.

Somewhat alarmingly, Tillage’s allegations even points to circumstances wherein SS&C enabled the theft by not following their own policies. Failed transfer orders sent by Chinese scammers were fixed by SS&C staff, Tillage said in its lawsuit.

It read:

As if these failures were not enough, SS&C actively and inexplicably assisted the perpetrator of this fraudulent scheme, by helping the perpetrator correct and clarify his or her initially flawed wire instructions.

Tillage turned to SS&C as an independent third-party administrator for their fund due to claims from the latter that they are the best in the business while adding that the SS&C “assumes the operations, staffing, and systems risk from the fund,” as reported by CSO.

The investor has suspended its business operations since March and is seeking $10 million in damages, as well as other punitive damages and legal fees, according to the lawsuit

Image credit: Pixabay.

About the author

Image of Author

LIFARS is the global leader in Digital Forensics and Cyber Resiliency Services. Our experience spans two decades working on high profile events, often in concert with Law Enforcement Agencies around the world. Our proprietary methodology derives directly and indirectly from our experience working with and for U.S. Intelligence Agencies, Interpol, Europol, and NATO. We are solely dedicated to Cyber Resiliency and thus pay close attention to all aspects of our clients’ engagements experience while providing a strategic and integrated array of services to minimum risk and disruption while protecting your brand.

Related articles

Nearly 50% of Organizations are Victims of Ransomware Attacks

A new study has revealed that ransomware attacks targeting organizations continue to be one the...

Read more arrow_forward

Email Scammers are Stealing Billions from American Companies

In a cybersecurity conference held in New York City on Tuesday, FBI assistant director of the...

Read more arrow_forward

Clever Dropbox Phishing Scam

Phishing campaigns just got much more believable.

Read more arrow_forward