The scams themselves were targeted and very well-researched attempts to illegally extract money from reasonably large organisations – both private companies employing hundreds of individuals.
The approach was quite simple: a close-matching domain name was registered (for example www.johnsmith.co was registered for an attempt against www.johnsmith.co.uk) and a series of emails was created to falsely represent company correspondence. Those in financial positions of authority were then emailed from spoofed email addresses purporting to belong to very senior figures – these requested that an immediate bank transfer be made for a genuine-looking invoice.
Of course, in these days of social networking with the likes of LinkedIn as well as key personnel often being listed on corporate websites, it is quite straightforward for potential fraudsters to identify the names of the key personnel and for them to create a very similar email address (e.g. firstname.lastname@example.org to impersonate email@example.com).
Although these types of fraud are rare amongst SMEs, the instances we have been made aware of are evidence of a very real threat for many companies.
So how can you protect your organisation from incidents such as these? Where possible, companies may decide to register close-matching domain names, such as .co extensions, as this will help mitigate some attempts and the genuine-looking email trails that accompany them.
Anti-virus and email filtering are unlikely to block attempts of this nature unless the filtering rules are made particularly prescriptive – for most people this is unacceptable as it will filter out too much genuine email.
Unfortunately, this scam largely relies on human error occurring in a small percentage of the attempts. As a result, continued vigilance and financial procedural reviews – particularly ensuring there are checks in place to guard against fictitious invoices – are the most effective ways of ensuring that you do not become a victim of fraud of this nature.
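One way to support those checks, as an added example that is not part of the original article: rather than blocking mail, flag any message whose sender domain closely resembles, but is not, the organisation's own domain (the johnsmith.co versus johnsmith.co.uk case above) so that the payment request is verified by another channel. The function names, the similarity threshold and the sample addresses are assumptions constructed for illustration.

```python
from difflib import SequenceMatcher
from email.utils import parseaddr

# Assumption: the organisation's genuine registrable domain(s); the first
# label ("johnsmith") is treated as the brand name to protect.
OWN_DOMAINS = {"johnsmith.co.uk"}
THRESHOLD = 0.8  # assumed similarity cut-off; tune against real mail

def sender_domain(from_header):
    """Extract the lower-cased domain from a From header value."""
    _, addr = parseaddr(from_header)
    if "@" not in addr:
        return ""
    return addr.rpartition("@")[2].lower().rstrip(".")

def is_own(domain):
    """True for a genuine domain or any subdomain of one."""
    return any(domain == d or domain.endswith("." + d) for d in OWN_DOMAINS)

def lookalike_of(domain):
    """Return the genuine domain that `domain` imitates, or None."""
    if not domain or is_own(domain):
        return None
    for own in sorted(OWN_DOMAINS):
        brand = own.split(".")[0]
        for label in domain.split("."):
            # Same brand under another extension, or a near-miss spelling.
            if SequenceMatcher(None, label, brand).ratio() >= THRESHOLD:
                return own
    return None

def review_queue(from_headers):
    """List (header, imitated domain) pairs that need manual verification."""
    flagged = []
    for header in from_headers:
        imitated = lookalike_of(sender_domain(header))
        if imitated:
            flagged.append((header, imitated))
    return flagged

# Constructed sample From headers (not real correspondence).
SAMPLE = [
    "A Director <a.director@johnsmith.co.uk>",    # genuine
    "A Director <a.director@johnsmith.co>",       # same name, other extension
    "A Director <a.director@johnsrnith.co.uk>",   # "rn" in place of "m"
    "Accounts <accounts@supplier.example>",       # unrelated sender
]

if __name__ == "__main__":
    for header, imitated in review_queue(SAMPLE):
        print(f"VERIFY BY PHONE: {header} imitates {imitated}")
```

Because the rule only compares against your own domain name, it does not touch ordinary third-party mail; flagged messages still need the procedural check before any transfer is made.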
For advice about IT security solutions, contact us today on 01732 762675 or contact firstname.lastname@example.org