Cyber Incident Victim: Austria
Date: Jan 2024
Location: Austria
Summary
Hackers compromised a company's email account in Austria using French IP addresses, then sent fraudulent payment requests to a business client while substituting a fake IBAN. The deceived customer transferred approximately €95,000 to a Portuguese bank account, resulting in total financial damages equivalent to that amount. The incident involved unauthorized access to corporate communications and successful execution of a business email compromise scheme.
Description
In early January 2024, a business in Austria's Ybbstal region fell victim to a financially motivated cyberattack targeting its email communications. Unidentified threat actors compromised the company's email account, gaining unauthorized access through IP addresses traced to France. The attackers conducted multiple intrusions into the account over an unspecified period. Following this access, they crafted and sent a fraudulent payment request email from the compromised account to one of the company's business clients. The fraudulent message replicated legitimate billing procedures but contained manipulated banking details, substituting a fraudulent International Bank Account Number (IBAN) for the genuine recipient information.

The deceived client processed a payment of approximately €95,000 to the specified account, believing it to be a valid transaction for outstanding invoices. Funds were transferred to a bank account in Portugal before the fraud was detected. The incident resulted in a total financial loss equivalent to the transferred amount, with no recovery mechanism detailed in available reports. Law enforcement authorities documented the case but did not publicly identify suspects or disclose investigative outcomes. The attack exclusively impacted financial operations through business email compromise, with no evidence suggesting broader system infiltration, data exfiltration, or disruption to other organizational functions beyond the fraudulent transaction.
