A recent influx of fraudulent emails is sweeping across the globe, causing unsuspecting payroll and HR professionals to wire money to scammers.
In today’s day and age, most companies have effective internet security which is making it even harder for malicious content and scamming attempts to succeed. In most cases, it is easier for criminals to trick employees into running a program or transferring money, rather than relying on complex viruses to do the job for them.
That is exactly what is happening at the moment, as criminals are scamming unsuspecting employees into handing over money.
The email scams are designed to obtain the personal information of company employees and use the data to commit various types of fraud and identity theft. The criminals sending the emails are obtaining employee information such as position title, email address and phone number, through accessing company websites and using information from the ‘Our Team’ section, to pose as employees.
These spoofing techniques are used to make it appear that messages were really sent by the targeted company’s CEO. The purpose of these types of emails is to get the recipient to process ‘urgent’ payments for a non-existent good or service by way of a wire of credit transfer.
One of the tactics that scammers use is by registering domains very similar to the target domain. For example, registering emma@yourdoman instead of emma@yourdomain in the hopes that the recipient may not notice the slight difference in domain name and think it is from a trusted sender.
According to Symantec, scammers are sending the emails out on the same day that they are registering the domains- this is likely in the hope that they can extract payment before the domain is reported and subsequently suspended.
There have also been variants where the scammers spoof the “From” address to make it look as though the email is coming from the management, even though the true sender’s address is different. The ‘Reply-To’ address can usually be seen when the user clicks reply.
One of the best things you can do in order to prevent this kind of scam, is to delete your website’s ‘Our Team’ section.
Often businesses include an Our Team section which not only includes employees’ positions and titles, but also their contact information such as direct lines and email addresses.
Including the above information on your website leaves you open to these “bogus boss” scams as fraudsters will be able to identify the name and position of senior executives and admin/payroll employees very easily.
If you receive a wire transfer request that seems urgent or out of the ordinary, always check that the sender is who they say they are. Asking your CEO in person, or giving them a quick call is a simple way to ensure the request is in fact legitimate.
If you receive an email with a thread that you’ve supposedly been sent before, check with the person who has supposedly sent the email. Reply to the sender but obtain their email address using your company’s address book in your email client.
While these kinds of emails are very low-tech and a big departure from the large, automated malware attacks that are most prevalent, companies as big as Michelin and Nestle have fallen victim to these kinds of scams. If you are ever unsure of the legitimacy of an email, you can always give us a call on 1300 903 405- we will be happy to investigate for you.