Football club Lazio loses €2 million by falling foul of phishing scam

Italian football club Lazio has reportedly been scammed out of 2 million by email fraudsters claiming to be a team negotiating the transfer of a player.

The Serie A team was duped into releasing funds after it received an official looking email from what appeared to be representatives from Dutch club Feyenoord, demanding a final payment for the transfer of a player in 2014.

Fraudsters with knowledge of the deal, which saw defender Stefan de Vrij transfer to Lazio from Feyenoord, were able to trick Lazio's accountants into sending the outstanding balance of 2 million (1.75m) to their own bank account, according to Italian newspaper Il Tempo.

Feyenoord claims it had no knowledge of any such communication, and that it never received the funds. According to prosecutors speaking to the newspaper, the money has been tracked down to a Dutch account, but it isn't owned by Feyenoord.

IT Pro has contacted Lazio for comment.

Hackers are frequently falling back on phishing as a means to scam users out of their cash, as fears around the spread of ransomware and DDoS attacks have led to increased spending on website security, making it harder to hack into a site.

It's also another example of how lucrative phishing scams can be, particularly when fraudsters have knowledge of high profile deals, or those involving large transfers.

London art dealers were defrauded out of hundreds of thousands of pounds when an email scamming campaign emerged in November last year. In that case, fraudsters were able to intercept PDF invoices after hacking into the email accounts of clients, replacing the bank details with their own to divert cash.

The scam against Lazio is a "classic case" of email phishing involving a compromised business deal, according to Barry Shteiman, director of threat research at Exabeam.

"Using social engineering, hackers convince employees to wire money to their accounts without the employee knowing this request did not come from within their company. Low tech, but high yield!" he said.

Image: Shutterstock

Dale Walker

Dale Walker is the Managing Editor of ITPro, and its sibling sites CloudPro and ChannelPro. Dale has a keen interest in IT regulations, data protection, and cyber security. He spent a number of years reporting for ITPro from numerous domestic and international events, including IBM, Red Hat, Google, and has been a regular reporter for Microsoft's various yearly showcases, including Ignite.