All it took was one e-mail to swindle $8 million from publishing company Conde Nast.
Papers filed by U.S. prosecutors in Manhattan reveal that the publisher of Vogue, Vanity Fair and the New Yorker was tricked into thinking it was paying its regular printing company -- but was in fact being billed by a man identified as Andy Surface in Texas, Reuters reported.
By the time Conde Nast realized something was amiss, the company had already wired Surface $8 million.
The incident shows how even large corporations are at risk when it comes to classic scams like phishing.
Often, phishers acquire sensitive information such as usernames, passwords and credit card details by masquerading as a legitimate organization or company.
The incident comes to light during a week in which hackers nailed giant e-mail service provider Epsilon Interactive -- which supports hundreds of international brands such as Best Buy, Hilton, and Target -- compromising millions of names and personal e-mail addresses.
A company spokeswoman said Conde Nast does not comment on active legal proceedings.
The six-week scheme started in early November when Conde Nast received an e-mail purporting to be from Quad/Graphics, the company's usual magazine printers, asking for payment to a different account, the court papers said.
Conde Nast, the papers said, simply filled out the form in the e-mail, faxed it over, and began sending payments to the new account.
By late December, Conde Nast's real printer outfit contacted the publisher to say it had not received any payments, raising the New York-based media company's suspicions.
The forfeiture allegation, filed in Manhattan federal court on March 30, was signed by a U.S. Secret Service agent. The Secret Service often investigates financial crimes.
Randy Abrams, a director of technical education at IT security company ESET has created an infographic that outlines a few simple rules that will almost certainly prevent you from becoming a victim of common phishing techniques.
Reuters contributed to this report.