James O'Keefe with email on screen

Project Veritas/YouTube

Right-wing sting artist James O’Keefe says hackers scammed his Project Veritas out of $165,000

The hack appears to be what is known as a Business Email Compromise (BEC) attack.

 

Mikael Thalen

Tech

Posted on Sep 13, 2021   Updated on Sep 13, 2021, 12:20 pm CDT

Project Veritas announced on Monday that it was defrauded out of $165,000 after being targeted by hackers.

James O’Keefe, the group’s founder, said that scammers posing as the group’s attorneys were able to convince his team to transfer funds out of their bank account.

“So we received an invoice for $165,000 from a few of our attorneys and we intended to pay that invoice so we set up wire transfers for payment,” O’Keefe says. “Within an hour the lawyers reached out to us asking us to pay the invoice via a new account they had set up.”

https://twitter.com/EricSpracklen/status/1437422042970742790?s=20

O’Keefe further claims that the hackers appeared to be monitoring his correspondence with his actual attorneys before interjecting with a similar-looking email account.

“They actually impersonated the actual name of our lawyer, changing a few letters in the email address, replying in real-time to an email chain with our actual attorneys,” O’Keefe added. “It appears the fraudsters were watching, waiting for an invoice to be sent to us and then pounced, impersonating them, replying to a real email as the lawyer’s name the moment the invoice came.”

The hack appears to be what is known as a Business Email Compromise (BEC) or Email Account Compromise (EAC) attack. The FBI describes such attacks as sophisticated scams “targeting both businesses and individuals performing transfers of funds.”

“The scam is frequently carried out when a subject compromises legitimate business email accounts through social engineering or computer intrusion techniques to conduct unauthorized transfers of funds,” the FBI explained in a report last year.

The FBI says it received 19,369 BEC complaints in 2020 alone, representing a loss of more than $1.8 billion in funds.

But that wasn’t the only attack Project Veritas claims to have been targeted by. O’Keefe goes on to state that his organization had also been hit with Denial-of-Service (DoS) attacks. Specifically, O’Keefe says the attackers made numerous $50,000 donations to the company and then requested a refund, which would force Project Veritas to pay processing fees.

The attacks came just days after Project Veritas’ New York headquarters was flooded by Hurricane Ida.


Read more of the Daily Dot’s tech and politics coverage

EXCLUSIVE: Rep. Loudermilk gave a radio interview that blows up his denials about hosting Jan. 6 protesters in his office
‘The internet is not safe for us’: Atheists are afraid online as Pakistan violently cracks down on digital blasphemy
EXCLUSIVE: The Secret Service was worried Trump would get hit with a milkshake
EXCLUSIVE: Here’s how U.S. Border Protection bent over backward to accommodate the far-right’s crowdfunded Trump wall
How the Republican plot to stall Gigi Sohn’s FCC nomination is about to cripple the future of internet rights
Libs of TikTok—the influential, mystery Twitter account hailed by mainstream conservatives—attended Jan. 6 Capitol protest
Sign up to receive the Daily Dot’s Internet Insider newsletter for urgent news from the frontline of online.
Share this article
*First Published: Sep 13, 2021, 12:13 pm CDT