We have seen too many clients almost fall and sometimes fall victim to a very prevalent and malicious phishing scam. In fact, nationwide, over $215 million has been stolen through this method over the last 14 months. We have written previous blogs about this and sent previous alerts; however, we feel so strongly about this scam that we wanted to remind you all of this.
Criminals are spoofing the boss to get wire transfers of your money. Tell your staff, especially your accounting or book keeping staff, that they are NEVER to make a wire transfer based on an e-mail without verifying it with the sender by phone.
How it works:
Through social engineering criminals are able to figure out who your main accounting person is and who the owner is to make all of this seem very legit. Emails are sent that look like they are coming from the Boss with a request to wire $10,000 or so to an account for various reasons such as accounts payable, a rush order of product or supplies, immediately. Emails asking for a quick transfer on $60k or $70k are popping up all over the place. We have had at least 7 clients contact us asking about this and one almost started the transfer because it seemed legitimate. Remember, e-mail addresses from anyone can be spoofed to look real. Most employees are familiar with the communication style of their supervisors which is one thing that is very hard to replicate. If anything seems out of the ordinary simply ask your boss if they really sent this e-mail for verification. If the answer is no, delete the e-mail and go on with your normal daily activities. Don’t fall for it. Train you staff not to fall for it.
The technology F1 Solutions has put into place is protecting you from a lot of this phishing spam, but not all. Please be sure to pass this information along to your staff as anyone can fall victim to these schemes. Don’t let your company be one of the victims!
For more information on this, see Brian Krebs blog here:
http://krebsonsecurity.com/2015/03/spoofing-the-boss-turns-thieves-a-tidy-profit
Security Team
F1 Solutions
