MENU

Famed NYC Restaurant Forced to Close Due to Common Cyber Scam and Lack of Cyber Insurance

Jul 9, 2024 | Blog
Partner

An iconic New York eatery, Gotham Restaurant, recently fell victim to a cyber scam that involved wiring $45,000 to a fake payroll account. Located in Greenwich Village in Manhattan, Gotham Restaurant serves New American cuisine and has been a staple of the Lower West Side since 1984—but it has now been forced to shutter its operations temporarily.

On May 10th, one of the restaurant’s owners, Bret Csencsitz, was contacted by a scammer posing as a representative of the company the restaurant used to manage its payroll, Paychex. The scammer had managed to infiltrate a previous email chain between the restaurant and its actual Paychex contact. The scammer’s email stated that Paychex was changing its banking information, leading the restaurant to wire $45,000 worth of payroll funds to the fraudulent account provided in the email.

The scammer had used some tried and true methods to dupe its target—copying the typical email format used by Paychex; posing as a familiar contact and infiltrating a pre-existing email thread; and using a URL similar to a real one, with a small, hard-to-notice difference.

Due to the loss of the payroll money, the restaurant’s lack of cyber insurance, and the typical seasonal drop in business during the summer months, the restaurant made the decision to close temporarily for part of the summer. In an interview with Restaurant Business, Csencsitz emphasized cyber insurance as something he wishes he would have invested in earlier.

However, this incident can serve as a cautionary tale for other businesses, whether in the restaurant industry or elsewhere. Some best practices for both preventing and responding to a cyber scam incident include:

Verify details beforehand.

  • If communication is conducted through email, carefully examine the sender’s email address and any website addresses.
  • Go old school: Use voice communication (telephone) to confirm the details of a transaction, such as confirming instructions verbally via a telephone number that you know independently. Do not confirm by email as the sender’s email address may not be legitimate. It may have been sent to you by the threat actor.
  • Always be suspicious of inquiries asking for access to or purporting to make changes to sensitive information.

Obtain cyber insurance.

  • A Cyber Risk or Technology Errors and Omissions insurance policy can provide coverage against cyber scams, subject to conditions and exclusions in the policy (make sure to review the policy with a professional experienced in cyber insurance).
  • If a cyber event occurs, submit a notice of claim as soon as possible to the insurance carrier.

Notify the proper parties.

  • Notify your bank and the receiving bank immediately in the case of a successful or attempted cyber scam.
  • File a report on the FBI’s Internet Crime Complaint Center site.

If you have any further questions regarding cyber insurance and how you can protect your business from wire fraud scams, please contact Kenneth Rashbaum and Tara Aaron-Stelluto.
Key Contacts
Tara Aaron-Stelluto Tara Aaron-Stelluto
Email
615.899.4501
Kenneth N. Rashbaum Kenneth N. Rashbaum
Email
212.885.8836
Related Practices
Barton LLP
Privacy Overview

Our website uses certain cookies to enhance site navigation, analyze website usage, and assist in marketing efforts that may collect your personal information. You can accept or reject these cookies.