Client story

Global Media Organisation

Global Media Organisation

Threat Overview

Phishing attacks are designed to deceive individuals into providing sensitive information such as passwords to a malicious third-party, or into performing actions such as downloading malware designed to give an attacker remote control over the victim’s computer.

In 2012, the UK economy lost £405.8M to phishing attacks, an increase of 25% over the £304.4M list in 2011.

Worryingly, these attacks are becoming increasingly sophisticated, to the extent that often neither the individual nor the organisation to which they belong is even aware that an incident has occurred until it is too late.

The Attack 

On the 12th December 2010, a global financial enterprise was compromised by a phising attack. The attack was highly sophisticated and was carried out over a number of months without the company in question being aware that anything was wrong. Here are the facts:

  • Bank details - Tens of thousands of personal bank details were accessed and stolen.
  • Capital - £2 million from public bank accounts was stolen.
  • One mistake - It took one employee to download harmful malware in order for the attacker to gain access to their entire network

MWR's Approach

MWR's first contact with this financial enterprise was 6 hours after the attack was successfully carried out. MWR immediately contained the attack and restricted any other information from being stolen.

As these types of attacks are becoming more sophisticated, the industry as a whole must improve their understanding of the anatomy of these style of attacks in order to better defend themselves.

Steven, Consultant MWR


MWR consulted the corporation and identified the weak points in their network that attackers would look to target, one of which being phising emails.


MWR's approach to improving their phising defence started with company wide educational seminars and tutorials. Helping the employees to understand the nature of phising attacks, how they operate and where they target. MWR worked closely with the employees to tutor and direct each person until they were able to successfully identify malicious phising emails.


After having implemented the training, MWR provided 24 hour support to the company to ensure their defensive strategy remained successful.

The Result

In 5 years since this incident, the financial corporation records no other successful cyber attacks since December 2010. Their defensive strategy has adjusted with the nature of these styles of attacks with the help form MWR. But they agree that the support and training that MWR provide is second to none and has helped their success within the industry.

Phishing 1

More on Global Media Organisation



+ read more


Accreditations & Certificates

MWR is an accredited member of The Cyber Security Incident Response Scheme (CSIR) approved by CREST (Council of Registered Ethical Security Testers).
MWR is certified under the Cyber Incident Response (CIR) scheme to deal with sophisticated targeted attacks against networks of national significance.
We are certified to comply with ISO 9001 and 14001 in the UK, internationally accepted standards that outline how to put an effective quality and environmental management systems in place.
MWR is certified to comply with ISO 27001 to help ensure our client information is managed securely.
As an Approved Scanning Vendor MWR is approved by PCI SSC to conduct external vulnerability scanning services to PCI DSS Requirement 11.2.2.
We are members of the Council of Registered Ethical Security Testers (CREST), an organisation serving the needs of the information security sector.
MWR is a supplier to the Crown Commercial Service (CCS), which provides commercial and procurement services to the UK public sector.
MWR is a Qualified Security Assessor, meaning we have been qualified by PCI to validate other organisation's adherence to PCI DSS.
As members of CHECK we are measured against high standards set by CESG for the services we provide to Her Majesty's Government.
MWR’s consultants hold Certified Simulated Attack Manager (CCSAM) and Certified Simulated Attack Specialist (CCSAS) qualifications and are authorized by CREST to perform STAR penetration testing services.