Financial Phishing Fraud
Fraud Alert!
We want to bring your awareness to a massive rise in Financial Phishing Fraud.
Anyone can be the victim of this fraud, but common targets include any business that deals regularly in substantial financial transactions, such as attorneys with large settlements and construction companies dealing with suppliers. Criminals are particularly likely to try to scam high-level executives and finance departments.
An increasingly common form of Financial Phishing Fraud uses an email that impersonates a trusted source such as a colleague or vendor with whom you already do business. Scammers monitor this account and when it is time to arrange payments, they “notify” you that payment details have changed (like a change of mailing address or bank routing number), or perhaps instructions to have money wired somewhere else. The money you send them vanishes into the criminal’s pockets instead of going to your intended destination.
There are several ways a scammer might pull this off:
1. They might forge an email header that displays as if it’s actually sent from the trusted person’s real address, leading you to assume the message is indeed from that person.
2. They may create an email address very similar to the domain they’re impersonating. For example, they could send the email as john@contosso.com (two letter s’s) instead of john@contoso.com (one letter s) – that one character makes all the difference!
3. They may hack a legitimate email account of the trusted source.
What to look for:
Practice awareness and common sense when reading any email. Also, listen to your gut: if something seems “off”, pay very close attention!
Here are a few specifics to look out for:
- Check the sender’s email address for spoofing either by forged displays or slight variations of domain names.
- Carefully analyze whether the message’s request seems normal, and if it follows your usual procedures for this sort of payment.
- Keep an eye out for phishing emails that seek to find out your user names, passwords, credit card or bank information. Beware any emails that says you “need to change your login credentials”.
- Be suspicious of a sender urging you to act quickly.
What to do with possibly fraudulent emails:
- Never click on links in any suspicious email.
- If you’re unsure, call your contact on the phone to verify. Important: if a scammer has sent the email, just replying to them via email will just send the message to the scammer! You need to talk to a real human being.
- Always be suspicious of any changes in payment information.
- Make sure your email is secure. Check your account activity frequently to see if there have been logins on unknown devices or IP addresses.
- Confirm, confirm, confirm!
- Be sure everyone in your organization is trained to do these things.
What else can you do?
Contact your Adetti representative and ask about our Email Phishing and Spam Protections. We’ll be happy to help evaluate your level of vulnerability and offer solutions that fit you needs and budget.