How to Protect your Office, Company or Organization
In recent months several of our clients have received email requests to wire transfer funds. This confidence scheme is highly targeted sending the fake wire transfer emails to employees working in the finance department of a company.
How it works
This con uses sophisticated social engineering to convince specific executives and other individuals with access to their company's accounts to initiate a wire transfer of large sums of money.
In this attack, the scammer not only knows the target's name and email address, but also the name and email address of someone else in the company whom the target might trust. The scammers have registered email domains that are very similar to the recipients' (for example: xyzwigdets.com instead of xyzwidgets.com) and send the email from the fake domain.
So, instead of coming from firstname.lastname@example.org, the email comes from email@example.com. The scammers are betting that some people won't notice the slight difference in spelling and thus won't suspect anything.
A Slow Con - No Dollar Amount at First
This is an old-school trick we don't often see in email scams. The scammer cons the victim slowly, first gaining their trust and then moving in for the kill.
In some of the emails, the first message is not only ordinary, it doesn't even request a specific amount of money. It merely asks to initiate a wire transfer today. The recipient, thinking it's coming from a co-worker who might ask for a wire transfer, replies to the scammer, who then engages in a brief email exchange, eventually asking for a specific amount. The scammer even confirms the money went through, probably to prevent the victim from becoming suspicious and reversing the transfer.
Why doesn't our Spam filter catch these?
This is a different type of threat. With its low-volume (only a handful of emails out of millions) and targeting of specific people, this dangerous campaign has few of the typical markers of spam.
Why is this scam so successful?
The people perpetrating these frauds frequently research employees’ responsibilities so they know who to target, and often gather information to try to make the wire transfer request as believable as possible. For example, they may research the executive’s schedule using public information or by making inquiries of the executive’s assistant with the goal of sending the fraudulent emails when the executive is out of town and cannot be easily reached for verification.
Although some of the fraudulent requests are for millions of dollars, they can just as often be for smaller amounts. Since many companies have stricter controls (like dual approvals) for amounts over a certain dollar threshold, the scammers often submit requests for lower amounts hoping the looser controls will raise the success rate of their scam. If the scammer is successful in a preliminary request, they may continue to submit additional requests until the scam is detected.
How to Protect Yourself and Your Company
Implement a Strong Policy: Security and Fraud Prevention begins with a solid set of policies and procedures. A company policy should include confirmation on any wire transfers. Train everyone at your company based on your policy. Keep your staff up to date on the latest threats.
Contact Us for more information.
Call today - 802 282-4255
Silloway Networks offers Enterprise level support to Small and Medium Businesses in Rutland, Addison, Windsor and Bennington Counties. Employing highly-skilled technicians and developing partnerships with best-of-breed technology providers allows Silloway Networks to provide personalized technology solutions to enhance the operation of your business.
Website by Silloway Networks