We have seen a huge rise in CEO fraud phishing emails lately. These emails look very genuine and can cost your business thousands.
Emails look genuine…
The emails appear to come from someone senior in the company, or from a supplier – they can have the same name, email address, and even sometimes the same email signature.
They will ask the recipient (normally the company accountant) to transfer a large amount of money into a specific bank account, or they may simply ask the recipient to update the bank details for a supplier to their own bank details, meaning the next time you pay your supplier's invoices the money goes directly to the scammer.
These emails can look very genuine, so it's easy to see why so many companies are falling for this scam. Worse still, because your accountant is voluntarily paying this money into the scammer's bank account, your bank may not be able to offer any help towards recovering this money.
So what can you and your staff do to protect yourselves? We would recommend that, at the very least, you have an Email Security service and make it company policy to verify payments over the phone.
You should be using an Email Security service, such as Smart IT's Hosted Email Security. This service will scan messages for spam, viruses and phishing, preventing the majority from reaching your mailbox. If you're not already using our Email Security service, contact us for a quote. However, no spam filter will block all spam/phishing emails, and you should still be cautious about what emails you open.
Confirm by phone/in person
All requests for money transfers or changes to bank details via email should be verified over the phone, or in person if you're in the same building. But don't rely on the telephone number in the signature, as this may also be spoofed.