An online cybersecurity event with 2,500 people already logged in had to be cancelled after suspected cybercriminals launched a social engineering attack in the event’s chat window.
According to multiple media reports, the Australian Institute of Company Directors had been scheduled to run an an online event today for nearly 5,000 registrants at which the organization planned to discuss its new “cybersecurity governance principles.” After the event, scheduled to commence on LinkedIn Live at 1 PM local time, did not begin punctually, someone posted into the event chat window an official-looking Eventbrite type link, instructing users to click that link and resubmit their credit card details to join the event. The number of users who fell prey to the scam is as of yet unknown – but, other messages posted to the chat with complaints that a second shared link (also illegitimate) did not work properly seem to indicate that some people likely did, in fact, fall prey.
Shortly after such messages appeared, the AICD, in order to protect attendees, cancelled the event, and contacted local law enforcement.
Cybersecurity has become an especially hot topic in Australia recently, after two separate major hack attacks dominated news headlines in recent weeks: This week, news reports emerged that Australia’s largest health insurance company, Medibank, appears to have fallen victim to a hacker who claims to have stolen approximately 200 gigabytes of data about the insurer’s 3.7 million customers; the hacker has even offered to show the stolen data pertaining to 100 customers as evidence of their successfully having breached the company. This major incident became known to the Australia’s pubic just two weeks after it learned that Optus, the country’s second-largest mobile phone network provider, was also hacked, leading to the records of nearly 10 million of its customers’ data being held for ransom by a cybercriminal.
Of course, the occurrence of suspected cybercriminal activity during a session for business leaders about cybersecurity, and the fact that even attendees of such an event likely fell prey to the scam, only underscores how problematic cybercrime has already become, and how badly we need to improve in our fight against it.