Hackers stole $46.7m (£30m) from Ubiquiti Networks in an email scam in which the attackers were able to impersonate the firm’s business partners in a bid to steal cash.
Communications lines controlled by associates of the San Jose firm were somehow corrupted in the attack, allowing hackers to redirect funds to accounts under their control, according to a company filing.
Whilst Ubiquiti did not give details of how this took place, executive email accounts can often be compromised through phishing, in which victims are tricked into inputting their details into a phoney website.
Hackers have also become increasingly adept at so-called email spoofing in the last few years, either by creating email addresses with similar letters to legitimate accounts or configuring their communications settings so the email address appears identical to a trusted account.
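Both spoofing styles described above leave traces in message headers that a mail filter can check. The sketch below is an added example, not code from Ubiquiti or its filing, and it flags look-alike sender domains as well as exact-match senders that fail authentication. The partner domains and sample messages are constructed, and it assumes the receiving mail server stamps its own `Authentication-Results` header and strips any copies arriving from outside.

```python
import unicodedata
from email import message_from_string
from email.utils import parseaddr

# Constructed allow-list of partner domains (assumption, not from the article).
TRUSTED = {"partner-example.com", "supplier-example.net"}
# A few common look-alike substitutions: digits and Cyrillic homoglyphs.
CONFUSABLES = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s",
                             "а": "a", "е": "e", "о": "o", "і": "i"})

def skeleton(domain):
    """Fold a domain to a canonical form so visually similar strings compare equal."""
    folded = unicodedata.normalize("NFKC", domain.lower()).translate(CONFUSABLES)
    return folded.replace("rn", "m").replace("vv", "w")

def edit_distance(a, b):
    # Levenshtein distance, used to catch single-character typosquats.
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def domain_of(header_value):
    return parseaddr(header_value or "")[1].rpartition("@")[2].lower()

def assess(raw_message):
    """Return a sorted list of spoofing indicators for one raw RFC 5322 message."""
    msg = message_from_string(raw_message)
    sender, reply_to = domain_of(msg["From"]), domain_of(msg["Reply-To"])
    findings = set()
    if sender in TRUSTED:
        # Exact-match From: accept only if the receiving server recorded a DMARC pass.
        if "dmarc=pass" not in (msg["Authentication-Results"] or "").lower():
            findings.add("trusted-domain-unauthenticated")
        if reply_to and reply_to != sender:
            findings.add("reply-to-diverges")
    else:
        for good in TRUSTED:
            if skeleton(sender) == skeleton(good) or edit_distance(sender, good) <= 1:
                findings.add("lookalike-of:" + good)
    return sorted(findings)

# Constructed sample messages.
LOOKALIKE = "From: Accounts <ap@supp1ier-examp1e.net>\nSubject: New bank details\n\nhi"
SPOOFED = ("From: CFO <cfo@partner-example.com>\nReply-To: cfo@mail-example.org\n"
           "Authentication-Results: mx.example; dmarc=fail\nSubject: Wire\n\nhi")
GENUINE = "From: CFO <cfo@partner-example.com>\nAuthentication-Results: mx.example; dmarc=pass\n\nhi"
```

Findings from a check like this are a reason to hold a payment request for out-of-band confirmation, not proof of fraud on their own.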
Writing in a quarterly securities filing, Ubiquiti said: "As soon as the company became aware of this fraudulent activity it initiated contact with its Hong Kong subsidiary’s bank and promptly initiated legal proceedings in various foreign jurisdictions.
"As a result of these efforts, the company has recovered $8.1m of the amounts transferred. Furthermore, an additional $6.8m of the amounts transferred are currently subject to legal injunction and reasonably expected to be recovered by the company in due course."
According to the firm, the remaining $31.8m is subject to investigation by the American and international authorities, with the final cost to Ubiquiti contingent on how much money it can recover.
An internal investigation found no evidence that the firm’s systems had been penetrated or that corporate data had been accessed, and no staff are thought to have had "criminal involvement" in the attack.
Stu Sjouwerman, chief executive of security training firm KnowBe4, wrote online: "This is exactly the kind of thing that is prevented by effective security awareness training.
"You can spend a large amount of money putting all kinds of security software in place and you should, but it can be all wasted if you don’t also train your employees and keep them on their toes with security top of mind."