Financial Fraud Action UK have posted a news article regarding a new and very serious email spoofing scam on their website http://amzsup.co/1jLeYZa and we are advising ALL of our clients and contacts to read the article and guidance notes within the PDF.
In short, the scam is email spoofing, where a person pretends to be you by sending other people fake emails that appear to come from your email address. What is different about this particular scam is that the external person attempts, and succeeds in, sending an email that appears to come from a verified senior member of your organisation (for example a Financial Director, Accounts Director or other senior manager) either to your own accounts department or to another financial controller within your business. The email (which on occasion has even used official company email templates, logos and email signatures) explains that urgent bank transfers must be carried out to external bank accounts for various seemingly “legitimate” reasons.
The email appears to be “genuine”. It is in fact a very dangerous spoof: the fraudster has found, in the public domain, the email addresses of the responsible, senior and relevant people and financial departments in your business, and poses as one of them to obtain your funds illegally.
To date, 4 of our clients have been targeted by this email scam; luckily each one had internal processes in place to validate bank transfers before they were made. However, there are companies out there that have already been hugely affected by this, financially, professionally and reputationally.
You may remember the CryptoLocker ransomware article we wrote back in April; it is still a major issue for businesses today and remains a very real risk. Both CryptoLocker ransomware and this new email spoofing scam are real, fraudulent, illegal activities that can severely impact your business.
With email spoofing, there are security measures that can be put in place at the domain level, within internal email servers and networks, and by moving to externally hosted email together with email security and web and email filtering services. These add further layers of protection that prevent email spoofing, or at least make it extremely difficult for these imposters to achieve their goals.
The same applies to ransomware: additional disaster recovery solutions can be put in place to provide recovery options should your data become compromised, so you don’t have to “pay up” or have your business brought to a standstill.
We would also recommend getting in touch with your Professional Indemnity Insurance provider to see if they offer Cyber Liability Insurance. It’s a very worthwhile product to have, protecting your business financially against a real threat.
A note of warning: if a hacker (as that’s what they are) really wants to hold you to ransom or commit acts of fraud and theft against your business, whatever the method, they will eventually get into your systems. However, what we have to do, and what is your responsibility as well, is to put in place sufficient security measures and layers of access prevention to make intruding into your company network almost impossible from an IT-technical and time-investment point of view.
It’s about putting in place deterrents and protection solutions to avoid, or minimise to a very high degree, disruption and any compromise of your business services. Look at the recent issues with TalkTalk for example! #NeedISayAnyMore