Heroes: three football clubs (Russian, French and Argentine), one midfielder and around 40 million euros. Additionally: fraudsters. On the downside: 520 thousand euro. In short: it’s the story of Leandro Paredes' transition from the Russian team Zenit to the French Paris Saint-Germain.
For the uninitiated
In January, the sports media reported Paredes' transfer from Russian Zenit to Paris Saint-Germain in France. The operation was worth about EUR 40 million (for 4.5 seasons). In accordance with the FIFA rules, the first Paredes club, Argentine Boca Juniors, may demand the payment of an amount representing approximately 3.5% of the transaction amount: EUR 1,299,377.48 to be exact.
Both Paris Saint-Germain and Boca Juniors agreed to pay in three installments. The first – in the amount of EUR 519 750.99 – was to reach the bank account on March 6 this year. Unfortunately, the Argentine club didn’t get any money.
Where did half a million euro go?
Of course, international bank transfers take a bit longer, but when the money still has not reached the target account on March 12, Boca Juniors decided to turn to the French for clarification.
On March 18, representatives of the French club replied that the payment had been made. On March 22, a confirmation of payment was sent. According to their estimates, the Argentine club should receive money in a week’s maximum.
Time passed. Clubs exchanged polite messages about the missing money. Ultimately, however, the Argentineans threatened to file a complaint with FIFA, and the French replied that they had transferred the money as agreed. Boca Juniors officials asked for more detailed information, so the French club sent them all available correspondence and documentation. The truth turned out to be cruel.
The Boca Juniors found that their money first went to a bank account for a Mexican company, Vector Casa de Bolsa, at a New York bank. The next ones went to Mexico, on an account owned by a company called OM IT Solutions SA de CV Of course, representatives of Boca Juniors heard these names for the first time.
How is it possible that things have turned this way? It found that some messages from alleged Boca Juniors employees were sent to Paris Saint-Germain from unauthorized addresses. The difference in name was small, which made it almost imperceptible. According to the Argentinean news portal Infobae , which has documentation of the incident, instead of bocajuniors.com.ar, the scammers used addresses in a different domain that differs by only one letter. These messages contained instructions that disappeared 520,000 jobs. euro.
The Boca Juniors club has sought legal aid, and at the time of writing, the investigation is ongoing. According to the report, the scammers managed to gain unauthorized access to the mail of someone from the Argentine club staff, giving them the information they needed to successfully conduct social engineering .
How not to fall victim to such a scam
The above story is obviously not a normal scam. The attackers were perfectly prepared. So the most important thing is to educate your employees so that they know what tricks are used by cybercriminals.
Our Kaspersky Security Awareness program not only teaches you how to inform staff about existing threats, but also how to convey the skills needed to recognize social engineering.