James O'Keefe with email on screen

Project Veritas/YouTube

Right-wing sting artist James O’Keefe says hackers scammed his Project Veritas out of $165,000

The hack appears to be what is known as a Business Email Compromise (BEC) attack.

 

Mikael Thalen

Tech

Posted on Sep 13, 2021   Updated on Sep 13, 2021, 12:20 pm CDT

Project Veritas announced on Monday that it was defrauded out of $165,000 after being targeted by hackers.

James O’Keefe, the group’s founder, said that scammers posing as the group’s attorneys were able to convince his team to transfer funds out of their bank account.

“So we received an invoice for $165,000 from a few of our attorneys and we intended to pay that invoice so we set up wire transfers for payment,” O’Keefe says. “Within an hour the lawyers reached out to us asking us to pay the invoice via a new account they had set up.”

https://twitter.com/EricSpracklen/status/1437422042970742790?s=20

O’Keefe further claims that the hackers appeared to be monitoring his correspondence with his actual attorneys before interjecting with a similar-looking email account.

“They actually impersonated the actual name of our lawyer, changing a few letters in the email address, replying in real-time to an email chain with our actual attorneys,” O’Keefe added. “It appears the fraudsters were watching, waiting for an invoice to be sent to us and then pounced, impersonating them, replying to a real email as the lawyer’s name the moment the invoice came.”

The hack appears to be what is known as a Business Email Compromise (BEC) or Email Account Compromise (EAC) attack. The FBI describes such attacks as sophisticated scams “targeting both businesses and individuals performing transfers of funds.”

“The scam is frequently carried out when a subject compromises legitimate business email accounts through social engineering or computer intrusion techniques to conduct unauthorized transfers of funds,” the FBI explained in a report last year.

The FBI says it received 19,369 BEC complaints in 2020 alone, representing a loss of more than $1.8 billion in funds.

But that wasn’t the only attack Project Veritas claims to have been targeted by. O’Keefe goes on to state that his organization had also been hit with Denial-of-Service (DoS) attacks. Specifically, O’Keefe says the attackers made numerous $50,000 donations to the company and then requested a refund, which would force Project Veritas to pay processing fees.

The attacks came just days after Project Veritas’ New York headquarters was flooded by Hurricane Ida.


Read more of the Daily Dot’s tech and politics coverage

Nevada’s GOP secretary of state candidate follows QAnon, neo-Nazi accounts on Gab, Telegram
Court filing in Bored Apes lawsuit revives claims founders built NFT empire on Nazi ideology
EXCLUSIVE: ‘Say hi to the Donald for us’: Florida police briefed armed right-wing group before they went to Jan. 6 protest
Inside the Proud Boys’ ties to ghost gun sales
‘Judas’: Gab users are furious its founder handed over data to the FBI without a subpoena
EXCLUSIVE: Anti-vax dating site that let people advertise ‘mRNA FREE’ semen left all its user data exposed
Sign up to receive the Daily Dot’s Internet Insider newsletter for urgent news from the frontline of online.
Share this article
*First Published: Sep 13, 2021, 12:13 pm CDT