At The Identity Organisation, we're here to help!

    Or drop us a mail!

    Your privacy is important to us, and we want to communicate with you in a way which has your consent and which is in line with UK Law on data protection. As a result of a change in UK law on 25th May 2018, by providing us with your personal details you consent to us processing your data in line with current GDPR requirements.

    Here is where you can review our Privacy & GDPR Statement

    To remove consent at any time, please e-mail info@tidorg.com with the word "unsubscribe" as the subject.

    +44 (0) 1628 308038 info@tidorg.com

    Italian Cybercriminal Pleads Guilty to Phishing for Book Manuscripts

    An Italian citizen named Filippo Bernardini has pleaded guilty in New York to stealing more than a thousand unpublished book manuscripts from various well-known authors. The targeted authors included Margaret Atwood, Ian McEwan, Sally Rooney, and Ethan Hawke.

    Bernardini worked for publishing company Simon & Schuster in London, and crafted convincing phishing emails that impersonated hundreds of real people and publishing entities.

    “In carrying out this scheme, Bernardini created fake email accounts that were designed to impersonate real people employed in the publishing industry, including literary talent agencies, publishing houses, literary scouts, and others,” the US Justice Department stated.

    “Bernardini created these accounts by registering more than 160 internet domains that were crafted to be confusingly similar to the real entities that they were impersonating, including only minor typographical errors that would be difficult for the average recipient to identify during a cursory review. Over the course of this scheme, Bernardini impersonated hundreds of distinct people and engaged in hundreds of unique efforts to fraudulently obtain electronic copies of manuscripts that he was not entitled to.”

    Bernardini also used phishing attacks to gain access to the database of a New York City-based literary scouting company. The Justice Department stated, “[I]n or about July 2020, Bernardini impersonated a Scouting Company-1 employee and emailed two individuals, directing them to Bernardini’s look-alike webpage and prompting the users to provide their usernames and passwords. Bernardini’s webpage was programmed to automatically forward the input usernames and passwords to an email account controlled by Bernardini. Bernardini obtained the login information of approximately 20 users.”

    US Attorney Damian Williams said in a statement, “Filippo Bernardini used his insider knowledge of the publishing industry to create a scheme that stole precious works from authors and menaced the publishing industry. Through impersonation and phishing schemes, Bernardini was able to obtain more than a thousand manuscripts fraudulently. I commend the career prosecutors of this Office as well as our law enforcement partners for writing the final chapter to Bernardini’s manuscript theft scheme.”

    It’s an odd case, at least in terms of what the criminal was interested in stealing, but it shows the ways in which social engineering can turn up in all manner of crimes. New-school security awareness training can enable your employees to thwart social engineering attacks.

    The US Justice Department has the story.

    Free Phishing Security Test

    Would your users fall for convincing phishing attacks? Take the first step now and find out before bad actors do. Plus, see how you stack up against your peers with phishing Industry Benchmarks. The Phish-prone percentage is usually higher than you expect and is great ammo to get budget.

    Here’s how it works:

    • Immediately start your test for up to 100 users (no need to talk to anyone)
    • Select from 20+ languages and customize the phishing test template based on your environment
    • Choose the landing page your users see after they click
    • Show users which red flags they missed, or a 404 page
    • Get a PDF emailed to you in 24 hours with your Phish-prone % and charts to share with management
    • See how your organization compares to others in your industry
    Go Phishing Now!

    PS: Don’t like to click on redirected buttons? Cut & Paste this link in your browser: https://info.knowbe4.com/phishing-security-test-partner?partnerid=001a000001lWEoJAAW

    Sign Up to the TIO Intel Alerts!

    Back To Top