Business e-mail scam warning

2019-07-31 06:02

THE following scam has been going around for some time.

A business will receive an e-mail from a known vendor they have been dealing with for some time, indicating that their banking information has changed. While at first glance the e-mail looks legitimate, there will be subtle differences that are not noticeable to the casual observer.

Scammers are professional criminals and it may take them months to find the right target.

Once they have identified their target, they then go to the company website, looking for the contact information of finance or IT executives.

They will then target that employee with a spear phishing e-mail.

This e-mail will contain a Keylogger or a Remote Access Terminal (RAT) that will install automatically behind the scenes.

These “Trojans” gather and monitor everything you do on your computer and, once they have gathered the relevant information, they will then be able to remotely access your computer without you knowing.

After they have access to your computer they then create an e-mail rule that will duplicate and forward any e-mails with invoice, bank account etc in the body or subject of the e-mail.

These e-mails are forwarded to a “burner” e-mail account. Once they have this information it is not to difficult to send you an e-mail with the vendors “spoofed” e-mail address, requesting the bank account change.

“If you receive an e-mailed request to change banking information, call the company to verify the information.

“Do not call any number that appears on the e-mail, rather use the number you have on file for that vendor,” said Rick Crouch, private investigator with Rick Crouch and Associates.

— Supplied.

NEXT ON NEWS24X

Inside News24

 
Traffic Alerts
There are new stories on the homepage. Click here to see them.
 
English
Afrikaans
isiZulu

Hello 

Create Profile

Creating your profile will enable you to submit photos and stories to get published on News24.


Please provide a username for your profile page:

This username must be unique, cannot be edited and will be used in the URL to your profile page across the entire 24.com network.