An iconic New York eatery, Gotham Restaurant, recently fell victim to a cyber scam that involved wiring $45,000 to a fake payroll account. Located in Greenwich Village in Manhattan, Gotham Restaurant serves New American cuisine and has been a staple of the Lower West Side since 1984—but it has now been forced to shutter its operations temporarily.
On May 10th, one of the restaurant’s owners, Bret Csencsitz, was contacted by a scammer posing as a representative of the company the restaurant used to manage its payroll, Paychex. The scammer had managed to infiltrate a previous email chain between the restaurant and its actual Paychex contact. The scammer’s email stated that Paychex was changing its banking information, leading the restaurant to wire $45,000 worth of payroll funds to the fraudulent account provided in the email.
The scammer had used some tried and true methods to dupe its target—copying the typical email format used by Paychex; posing as a familiar contact and infiltrating a pre-existing email thread; and using a URL similar to a real one, with a small, hard-to-notice difference.
Due to the loss of the payroll money, the restaurant’s lack of cyber insurance, and the typical seasonal drop in business during the summer months, the restaurant made the decision to close temporarily for part of the summer. In an interview with Restaurant Business, Csencsitz emphasized cyber insurance as something he wishes he would have invested in earlier.
However, this incident can serve as a cautionary tale for other businesses, whether in the restaurant industry or elsewhere. Some best practices for both preventing and responding to a cyber scam incident include:
Verify details beforehand.
Obtain cyber insurance.
Notify the proper parties.
If you have any further questions regarding cyber insurance and how you can protect your business from wire fraud scams, please contact Kenneth Rashbaum and Tara Aaron-Stelluto.