28 Jan Accounts Department Phishing
Phishing is when a criminal sends an email in order to direct an unsuspecting victim towards a fake website.
The email is normally in the form of an instruction to urgently update your account details to prevent something bad happening.
The fake website is built to look exactly like its genuine counterpart and is intended to coerce the user into entering their login details into what looks like the entry point. Upon the victim doing this, the fraudster captures the details and then heads to the real website and logs in, potentially causing untold amounts of trouble.
Accounts Department Phishing
In a typical accounts department fraud, the scammer takes this theory up a level and attempts to get their payment details added to a companies online banking and persuade the business to make a payment.
This process is pretty complex but works something like this.
The scammer has to work for this one but if they get it right it can be very lucrative.
They gather a company directors details from Companies House and then tracks down the accounts department contacts via LinkedIn.
For the purposes of this example the company being scammed is Fred Bloggs Design Associates. The CEO is Fred Bloggs. The company domain is fredbloggsdesign.com
The scammer will register a very similar domain such as fredblogsdesigns.com (note the missing “g”).
The scammer then sends an email to the company “accounts payable” contact at Fred Bloggs Design requesting an urgent payment be made to a particular supplier for an amount such as £5000 including their account number and sort code.
The email looks as though it comes from email@example.com but the return address is actually firstname.lastname@example.org (note the missing “g”).
That way when the accounts department reply with an “Are you sure about this Fred?” email they can reply “Yes”.
If the accounts department falls for this scam, the sky is the limit as to how much you can lose.
Another popular scam aimed at the finance department is the after effects of having a business email username and password phished (as described earlier).
The scammer scans the users outgoing mailbox for recently sent invoices.They then send an email to the company the invoice was issued to (using the phished email account) requesting that the invoice be paid to their new bank account as they have recently changed their bank details.
Their aim is to get the invoice paid to their bank account rather than the owner of the email. It is brazen but potentially successful.
What can you do?
If you have a support subscription contact us immediately and we will assist you
- Change your email password immediately for something way stronger.
- Turn on 2Factor authentication.
- Check for newly created suspicious email rules set up to divert or hide messages.