×

Irish Information Security Forum

Pan-European Pepco Group, falls victim to phishing attack

 

The Pan-European discount variety retailer, Pepco Group, fell victim to a sophisticated phishing attack. The incident, which targeted its Hungarian business, resulted in a significant financial loss of approximately €15.5 million.

 

The attack was described as a "sophisticated fraudulent phishing attack"⁴. It involved social engineering tactics, potentially leading to the accidental transfer of money to fraudsters⁴. This type of attack, known as business email compromise (BEC), involves a bad actors spoofing the email address of a legitimate employee within an organization⁴. The bad actors then sends out correspondence to other people in the business, mostly those who work in accounting or finance departments, and asks them to urgently pay an invoice or process a payment⁴.

 

The attack resulted in a cash loss of approximately €15.5 million⁴. At this stage, it is unclear whether the funds can be recovered, although Pepco is pursuing various efforts through its banking partners and the police⁴. The incident does not appear to have involved any customer, supplier, or colleague information or data⁴.

 

According to Pepco’s website, it serves over 57 million shoppers monthly from 4,800 stores in 21 countries, offering apparel, household goods, and toys. The company-owned retail brands include Pepco, Poundland, and Dealz.

 

References


(1) Pepco loses €15.5m in phishing attack on Hungarian operations. https://www.msn.com/en-us/money/companies/pepco-loses-155m-in-phishing-attack-on-hungarian-operations/ar-BB1j7NnB.

(2) Europe’s Pepco loses $17M in phishing attack. https://www.scmagazine.com/brief/europes-pepco-loses-17m-in-phishing-attack.
(3) Retailer Pepco loses about 15 million euros in Hungarian phishing attack. https://uk.finance.yahoo.com/news/retailer-pepco-loses-15-million-171850334.html.
(4) European retailer Pepco loses €15.5 million in phishing (possibly BEC .... https://www.helpnetsecurity.com/2024/02/28/pepco-phishing-bec-attack/.
(5) Pepco Group Falls Victim to Multi-Million Euro Phishing Scam. https://heimdalsecurity.com/blog/pepco-victim-of-phishing/.

IISF Logo

If you are interested in finding out more about the IISF, or would like to attend one of our Chapter Meetings as an invited guest, please contact the
IISF Secretary:

By email:
secretary@iisf.ie

By post:

David Cahill

Information Security

GPO, 1-117
D01 F5P2

Enhance your Cybersecurity knowledge and learn from those at the coalface of information Security in Ireland

 


Forum SPONSORS 

Invitations for Annual Sponsorship of IISF has now reopened.

Sponsorship of IISF Opportunity
(your logo & profile link here)

 

Sponsors are featured prominently throughout the IISF.IE website, social media channels as well as enjoying other benefits Read more

 

secured by edgescan digital security radar logo

© iiSf. All rights reserved. CRN: 3400036GH  - Privacy  - Sponsorship  - Cybersecurity News Index  - Cybersecurity Resources  - X  - Produced by
LinkedIn Twitter