back to article Scumbag hackers lift $1m from children's charity

A group of criminal asswipes have managed to steal $1m from the Save the Children Foundation. The global children's health charity said in its 2017 fiscal report (PDF) to the IRS that, back in April of last year, some total sleezebag was able to get control of an employee's email account and then convince the organization to …

  1. Adrian 4

    Insurance

    I wonder how much they've spent on insurance in order to make that claim. $1m ? $10m ?

  2. Anonymous Coward
    Unhappy

    More to this than meets the eye

    How can someone at STC authorise a transfer of near $1m without there being an existing project or programme that the charity has previously done its due diligence on and agreed to fund?

    And if this transfer request was disguised as part of an existing project then the criminals must have near insider[1] levels of information in order to time the request just right, know that solar panels were a necessary part of the project, know that disbursement approval had already been granted and that it was just a matter of requesting the funds etc.

    Icon: nearest thing to me holding my nose because something stinks.

    [1] The insider could be a part of the receiving organisation of course, not STC.

    1. sanmigueelbeer
      Facepalm

      Re: More to this than meets the eye

      How can someone at STC authorise a transfer of near $1m without there being an existing project or programme that the charity has previously done its due diligence on and agreed to fund?

      Hello, my name is Carl and I'm calling from Microsoft Helpdesk. Apparently, your computer has a virus ..."

    2. Anonymous Coward
      Holmes

      Re: More to this than meets the eye

      I remember listening to a podcast some years back of a couple of security researchers talking about what the new year holds, and one of them said "there would be more corporate breaches", but the other corrected him, "there will be more corporates 'finding out' they've been breached"

      In other words, most organisations have no idea what is going on inside their networks.

      If I were a hacker, once in, I would pivot around for persistence, carefully shimmy around between the walls, listening to conversations and get an understanding of organisational relationships.

      With this knowledge, I would formulate a plan to monetise my efforts

      Literally all it would take is access to a admin O365 account with no 2FA enabled, which is probably all O365 admin accounts, considering Microshits shenanigans

      Phishing is so much easier this way

      Why use a net when you can use a sniper rifle

    3. Anonymous Coward
      Anonymous Coward

      Re: More to this than meets the eye

      I have seen a lawyers bill for 400000 EUR, exactly the number with no extraneous decimals and digits, the bill stating "Legal services for project xxx", no hours stated, no breakdown of work tasks, and no requisition number.

      The reason I have seen it is because I rejected it and PHB higher up approved it as-is!

      What is suspicious is that PHB-of-Finance back then left without a going away do, and 'we' are on the third PHB-of-Finace with no one the wiser.

      1. Anonymous Coward
        Anonymous Coward

        Re: More to this than meets the eye

        Got similar with an invoice for £100K. Asked for a breakdown of what was being paid for and got shuffling of feet - so rejected it outright. They are on their 3rd attempt at the invoice - a reputable company but I've told them we're not an open check book.

      2. Mr Benny

        Re: More to this than meets the eye

        "I have seen a lawyers bill for 400000 EUR, exactly the number with no extraneous decimals and digits, the bill stating "Legal services for project xxx", no hours stated, no breakdown of work tasks, and no requisition number."

        I can actually believe that was genuine. The legal profession take the piss with their charges and (in the UK anyway) they seem to be the only profession that can get away without having to give you an estimate of how much their work will cost beforehand even when its a standard procedure such as conveyancing. They also seem to think its perfectly ethical to charge £5 per email or phone call even when its YOU contacting THEM because they haven't bothered to keep you up to date!

        Lawyers understand the letter of the law but they seem to have a complete lack of understanding of the spirit of it IMO.

        1. TeraTelnet

          Re: More to this than meets the eye

          Only in England and Wales - in Northern Ireland you have to be given a quotation including all likely fees and expenses at the start of any conveyancing (well, for houses anyway).

    4. Voland's right hand Silver badge

      Re: More to this than meets the eye

      Icon: nearest thing to me holding my nose because something stinks.

      Wish I could +100 the comment.

  3. Robinson

    Really.

    That's not the only theft going on at the charity. Save the Children International's CEO Helle Thorning-Schmidt earned $299,136 in 2017 and presumably a similar amount every other year.

    1. Nick Kew

      Re: Really.

      That'll be loose change amidst the many millions worth of free fundraising they get from the BBC on a regular basis. How many other charities, even the big household-name ones, benefit from patronage at quite that level?

      1. John McCallum

        Re: Really.

        Do you refer to the annual fundraising in November that the BBC does that is for the charity Children in Need not, Save the Children a different charity altogether.

        1. Anonymous Coward
          Anonymous Coward

          Re: Really.

          Don't ruin the guy's charity/BBC bashing post with your "facts".

        2. katrinab Silver badge
          Flame

          Re: Really.

          “that is for the charity Children in Need not, Save the Children a different charity altogether”

          Easy mistake to make though. Both are run by overpaid bosses with multiple rape allegations on file.

    2. Flywheel
      Stop

      Re: Really.

      No, you got that wrong @robinson: he was paid $299,136 - he probably earned about half that. This is a common misconception.

      1. Norman Nescio

        Re: Really.

        No, you got that wrong @robinson: he was paid $299,136 - he probably earned about half that. This is a common misconception.

        Just to correct a misconception here: Helle Thorning-Schmidt is a female ex-Prime Minister of Denmark, married to Stephen Kinnock (Neil Kinnock's son). Stephen Kinnock is currently MP for Aberavon.

        Whether USD 299,136 is a reasonable amount for a year's salary for her is not something I am competent to comment on. Presumably her paymasters think she is worth it.

        1. Anonymous Coward
          Anonymous Coward

          Re: Really.

          Whether USD 299,136 is a reasonable amount for a year's salary ...

          Don't knock it, it was pretty hard to get her to Just Leave so maybe that amount is well worth it.

          Think the female Tony Blair ... and the way Tony Blair is hanging around, like that turd on just cannot flush, and the new xxx-friend one want to impress will be arriving any minute. Yup. 300 kUSD is cheap!

      2. Mr Benny

        Re: Really.

        "he was paid $299,136 - he probably earned about half that"

        I think you're being rather generous.

    3. Anonymous Coward
      Anonymous Coward

      Re: Really.

      Their justifications for such salaries do not wash either

      They say it's because they need to attract the best CEO talent in the market

      Well that's fine, just don't expect other people to pay for it

      This is the first thing I look at when deciding whether or not to donate my hard earned money to a cause

      Gone are the days of charity, all we have now are businesses posing as charities

      Some of them use the money to go into manufacturing and product design to further create revenue, it's fucking disgusting

  4. Mark 85

    The horses are out... close the barn door!

    Maybe it's just cheaper to file an insurance claim than to train staff, monitor the old bank account, etc.

    1. Version 1.0 Silver badge

      Re: The horses are out... close the barn door!

      It would be interesting to learn just how they managed to fall for this. Did an email arrive in the PHB's account which was then forwarded to the accounting department with a note say's, "Pay this please"? Did the PHB do it, or maybe they never even saw it?

      How many other scams have they fallen for? Do they even know?

    2. Version 1.0 Silver badge

      Re: The horses are out... close the barn door!

      Try buying commercial insurance ... while you have a point for one claim like this, their rates will now go sky high and the insurance company will plan to recoup the expense by increasing rates policy wide.

      If an insurance company offers a $1,000,000 liability policy for $20k a year and sells 100 policies and gets one claim a year, then they make $1,000,000 a year. It's Christmas, triples all round chaps!

  5. This post has been deleted by its author

    1. Mark 85

      Re: Anyone remember the terrorist on benefits

      That happens here in the States and usually makes the news. Prisoner files for "unemployment" or some sort of disability.

  6. Anonymous Coward
    Thumb Up

    Asswipes and arseholes

    Good multi lingual skills there that journo. I'm pretty sure that you have covered the entire gamut of en_* unfavourable descriptions of miscreants.

    1. HolySchmoley

      Re: Asswipes and arseholes

      Hopefully using a different wipe for the rest of the ass from the one used for its arsehole.

    2. Pascal Monett Silver badge
      Trollface

      Re: Asswipes and arseholes

      I also like the "artist rendition".

    3. Ken Hagan Gold badge
      Go

      Re: Asswipes and arseholes

      Indeed, "feckless rectal warts" was a new one for me. I think the author deserves extra points for that one.

  7. OssianScotland

    Who are the criminals here?

    Given the way most large charities seem to be run as businesses (executive pay, perks and admin costs, not to mention chuggers on commission) and treat their alleged "clients" as little more than an afterthought, please pardon my lack of sympathy.

    Even "worthy" charities such as the RNLI (and why does Britain need a charity to rescue sailors?) are going rapidly down this route, so I now refuse to give to anything other than small local charities which actually care about the causes they represent.

    I agree with other comments about lack of due diligence and proper procedures, which should not have allowed this to happen.

    1. John Miles

      Re: Who are the criminals here?

      Somewhere a lot of charities have lost direction - once raising money was a means of achieving something worthwhile, now it seems doing the worthwhile thing is a means to aid raising money.

    2. paulf
      Pirate

      Re: Who are the criminals here?

      It's interesting you (OP) mention the RNLI. When my old man turned 60 (about 10 years ago so pre GDPR) he asked people to send donations to the RNLI (among some other charities) in lieu of presents. I sent off some cash to the RNLI and made sure I got the boxes right to not opt in and opt out (!) of future contact and mailings.

      I was then helpfully added to their supporters email news letter list anyway, and started getting begging letters in the post too. I unsubscribed from the emails which then started up again a few months later, leading to a phone call asking them to make it all stop. It didn't and in the end the only way I got it to stop was calling their HO and tearing someone off a strip about it.

      I now only support small local charities that I know well, know where they're spending the money, and that rely mostly on volunteers with few if any paid staff. If I support a big charity (I make one exception with a big animal charity) I take in food for the animals at the rescue centre as that should stop them using it to fund their CEO's six figure pay and benefits package (unless he likes eating Winalot!).

    3. nkuk

      Re: Who are the criminals here?

      RSPCA is one of the worst offenders for this, they have executives on massive salaries and the local centres are franchises that have to do their own fundraising.

      I avoid donating to any large charity that is a business in all but name and tax status.

      1. Anonymous Coward
        Anonymous Coward

        Re: Who are the criminals here?

        Cancer Research UK also have lavishly paid managers and aggressive fundraisers. I raised thousands for them in sponsored events over the years, and they still bombarded me with guilt trips for not doing even more. Not a penny more from me. Shelter are quite bad as well. Like others have said I focus my giving on small local charities run by volunteers now.

      2. ShortLegs

        Re: Who are the criminals here?

        "RSPCA is one of the worst offenders for this, they have executives on massive salaries and the local centres are franchises that have to do their own fundraising."

        One of the worst? NO, the RSPCA is THE worst. It is not just the massive salaries, it is the levels they will sink to in order to increase revenue.

        Your deceased father left a small legacy to the RSPCA and the rest of his estate to you? The RSPCA have challenged such wills in court, demanding a larger share of the estate.

        https://www.dailymail.co.uk/news/article-1252213/Judge-slams-RSPCAs-court-attempt-double-300-000-left-generous-animal-lover.html

        "The RSPCA said later in a statement: 'All the RSPCA has done is try to honour what we believe was Mr Mason's clear intention to avoid anyone paying inheritance tax.'"

        Aye, that will be the clear intention that stated "£60,000 to him, £400,000 to them, and £300,000 to the RSPCA." I can't see it being any clearer, yet the RSPCA's translation was "The RSPCA argued that Mr Mason's will should be considered in such a way that it would receive £651,820."

        Neighbour leaves a plot of land for wildlife, on the proviso that it was to be left as is, for the wildlife? The RSPCA sell the land to property developers because the will did not explicitly it was not to be developed.

        https://www.manchestereveningnews.co.uk/news/greater-manchester-news/fury-as-rspca-sells-land-in-alderley-687444

        Money-grubbing little brutes, the lot of them. From the obnoxious in-your-face "hi-how-are-you-doing-can-you-spare-2-minutes" street muggers to the overpaid, self-serving hypocrites at the top.

  8. katrinab Silver badge
    Flame

    I have zero sympathy for “Save” The Children here

    Given their involvement in numerous incidents of Sexual Harassment which has lead to them having their government funding suspended, the charity appears to be doing more harm than good, and stealing money off them to prevent them doing more harm is probably a good thing.

  9. KBeee

    There seems to be some confusion amongst both the comments and the article author. The article is about Save the Children Federation (not "Foundation"), also known as Save the Children USA (founded 1932), and modelled after the UK Save the Children Fund (founded 1919). They are not the same organisations.

  10. Anonymous Coward
    IT Angle

    Hackers gained control of employee's email account

    "back in April of last year, some total sleezebag was able to get control of an employee's email account"

    How?

    1. Sanctimonious Prick
      Facepalm

      Re: Hackers gained control of employee's email account

      @Walter

      By calling the helpdesk and asking for a password reset!

      1. The Oncoming Scorn Silver badge
        Holmes

        Re: Hackers gained control of employee's email account

        One way......

        By sending a e-mail to users (From an already hacked external source), asking them to review & consider an attached PDF.

        The attached PDF is actually a link to a website, made to look like a "one drive" sign in portal, & it prompts for credentials at this point (Instead of using the credentials which would normally be shared by the sender with the intended recipients) .

        At this point about 15 of our users happily entered their credentials. A few e-mailed the mimic for verification to be told "Go Ahead". Only one person had the brains to stop & think this doesn't smell right, did not enter in his credentials & actually notified us in Mission Control 1 full minute before the actual person logged a ticket asking if she had been hacked (Yes on Friday she had entered her credentials into the webpage as directed by a externally sent e-mail by one of our venders).

        Nobody even looked at the url which was along the lines of "****.****beerisgood.com"

  11. Anonymous Coward
    Anonymous Coward

    Charity...

    Begins at home

    1. Sean o' bhaile na gleann

      Re: Charity...

      That's right. And these days, as far as I'm concerned, that's where it stays.

    2. Prst. V.Jeltz Silver badge

      Re: Charity...

      I dunno , we have it pretty sweet really compared to what used to be referred to as "The 3rd world"

  12. big_D
    Coat

    Don't hold back

    Let us known what you really think about this criminals...

  13. Duffaboy
    FAIL

    Wonder how much the It Training budget is?

    I guess minimal or nothing.

  14. Anonymous Coward
    Anonymous Coward

    Pity TheRegister doesn't use the same terminology

    to describe the lawmakers, on both sides of the pond, who squander vast sums of tax payers money. Scumbags and a*******s is very appropriate.

    If he's after the "think of the children" justification, the lawmakers have far more of an adverse impact as a result of their waste and incompetent management than the the theft of a mere $1M ever had.

  15. Anonymous Coward
    Anonymous Coward

    I see Trump doing the same thing...

    I see Trump doing the same thing these days, but he's not hacking! He sets up a charity, and uses its funds for his own purposes!!! Not even used for funding the building of his mystical wall...!

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like