“The problem with quotes on the Internet is that it is hard to verify their authenticity.”
~ Abraham Lincoln (source: the Internet)
Flicker CC By Don Hankins – Online Fraud
Dear WDF Members & other contacts.
Week ago we received multiple notifications of odd emails from “President (WDF)” and from email we closed down in beginning of year 2015 so email was spoofed. That all reveals email list what was in use must be old. Those old emails and lists were compromised in our email posting network few years ago (couple mailboxes were hit). WDF is looking for solutions to minimise spam and all these kind of issues.
That email was so called CIO fraud – more of in BBC news article below.
Always be careful what you click
What happens when email is spoofed / faked, technical article
How to avoid, article
Examples, article
Referred BBC news, http://www.bbc.com/news/business-35250678
The many faces of business email fraud
Someone poses as a boss of a company instructing staff to make a wire transfer into the fraudster’s account
Fraudsters pose as the IT services department of a bank saying they want to make a test transfer – but it’s not a test
Fraudsters claim to be a supplier and ask for outstanding invoices to be paid into a new bank account
Employees click on links within phishing emails containing malware which authorises many small payments to the fraudster’s account
Social engineering
But why is CEO fraud proving so effective?
Mr Higbee suggests it because this type of email can more easily bypass spam filters and antivirus security systems.
“It doesn’t need attachments carrying malware, it’s just a conversation,” he says. “It’s very low-tech and a big departure from the large, automated malware attacks we’re used to.”
Fraudsters use publicly available corporate data gleaned from the internet to make the emails as convincing as possible, finding out who the bosses and senior financial officers are from social networks like LinkedIn, for example.
Staff are less likely to question instructions purporting to come from on high, and it’s this psychological manipulation – often accompanied by a sense of urgency – that is a major factor in the fraud’s success.
“It will spread because it’s too good to be ignored,” warns Jerome Robert from French cybersecurity company, Lexsi. “[Criminals] can make so much money in a very small amount of time, with minimal risk.”
Businesses should be on their guard.