Fraudsters steal millions from Ryanair account

Fraudsters have apparently managed to syphon some 4.5 million euros (about $5 million) out of a bank account belonging to Ryanair, Europe’s biggest low-cost airline.

According to the Independent, the company confirmed that the theft was carried out last week through a fraudulent electronic transfer via a Chinese bank.

Ryanair is working with banks, the Criminal Assets Bureau in Dublin, and similar agencies in Asia to get the money back, and apparently they have succeeded: the fraudulently drawn out funds have been frozen, and the company expects them to be returned to them shortly.

They say they have “taken steps to ensure that this type of transfer cannot recur,” but offered no details about how this particular transfer did.

“There are very few details available publicly as to how this scam was conducted. If, as outlined in some reports, the scam was the result of a hack it would seem most likely the methods used by the criminals would have been to phish credentials from key staff members with access to the relevant banking systems,” Brian Honan, CEO of BH Consulting and Special Advisor on Internet Security to Europol’s European Cybercrime Centre (EC3), commented for Help Net Security.

“Criminals are now developing their attacks to target people instead of the computers they use, so our defences can no longer rely solely on technical controls, but rather we need the right processes are in place to protect key systems and that staff have proper and effective security awareness training. We should also look to our financial institutions to implement more effective fraud prevention and detection mechanisms to better protect customer accounts.”