News, 29.02.2024, 12:30 PM
The European discount retail chain Pepco Group, which operates in 21 countries, reported a phishing attack in its branch in Hungary, which resulted in losses of 15.5 million euros, the company announced.
According to the statement, the company was the target of a “sophisticated phishing attack”.
“At this stage it is not clear whether the funds can be recovered, although Pepco is making efforts through its banking partners and the police,” the statement said.
The company says no customer, supplier or employee data appears to have been stolen.
Pepco is taking the “necessary immediate steps to investigate and respond to the incident, to ensure the integrity of its IT environment and financial controls across the group.”
According to Pepco's website, it has more than 57 million customers a month from 4,800 stores in 21 countries, where it sells clothing, household goods and toys. Retail brands owned by the company include Pepco, Poundland and Dealz.
Pepco assures investors that the company is financially stable.
As reported by the HelpNetSecurity portal, although Pepco says it is a phishing attack, this could be a Business Email Compromise (BEC) attack that resulted in money being transferred to fraudsters' accounts. In such attacks, fraudsters falsify the email address of an employee of the company, from which emails are then sent to other employees, usually those who work in accounting, with a request for urgent invoice payment.
The widespread availability of AI tools makes it easier than ever to carry out such attacks, as these tools allow fraudsters to compose an email without spelling errors and to reflect the tone of the previous email.