Spoofed Email Transfer Requests: A Dangerous Type Of Fraud
Learn from my own experience ...
Recently, our financial controller received an email, purporting to come from me, requesting a bank transfer. It showed my email address and our financial controller requested further details ...
I'm glad we have a suspicious financial controller. That spoofed email could have cost us a lot of money!
copyright: andose24 / 123rf stock photo (licensee)
Even though the email showed the reply going to me, the reply actually went to the fraudsters email, not mine! The request was to transfer £11,500.00 to Allied International UK Ltd, Account number: 50464767, Sort code: 20-48-42.
"Fortunately, our financial controller was suspicious about such a big transfer, so called me to express his concern!"
We reported the issue to the Police who took the details and said "you don't need to contact us again, we will contact you if necessary!" and gave me a case reference number then hung up.
Using a sort code search, I identified the fraudster's bank to be Barclays Bank in Leicester, so contacted the Barclays fraud team and advised them of the details. Apart from having to wait 21 minutes for my call to be answered, they were very interested (much more so than the police were) and took all the details.
I then contacted our email specialist for assistance in preventing a re-occurrence. He advised me that Microsoft Outlook allows an email to be sent by the fraudster and yet show a different sender (my email address) and the reply goes to the fraudster, not the apparent sender!
Whilst our email server will reject incoming emails coming in from anyone using our company email addresses as "not sent from this domain" the hidden fraudsters email address circumvents this security. The specialist's view was there is little to be done without setting up fully authenticated email.
So what can we learn from this event?
Make sure there is a level of authentication within the organisation over and above email requests for any transfer of funds.
If you receive a suspicious email check the properties of the email to see the details of the sender.
Consider the use of authenticated email.
Pass on the information of this scam so others are aware.
Be constantly alert for fraud.
If you receive an email to change any bank account details, call the sender (checking any telephone numbers in the email are correct) before making the requested changes.
Because we work so closely with many different customers, I'm meticulous about security on our network because what impacts us can impact them too.
"But this is incredibly difficult for automated systems to identify!"
At a bare minimum, I'd suggest putting limits on what your team members can do without verbal consent from you, especially when it comes to cash transfers out of your company's bank accounts!
Until next time ...
If you'd like any further information, then do call me on 0845 287 3622.
While working with Volvo in the late 70’s I realised the way forward in international component distribution was computing. I created a company distributing components for several international manufacturers using the 'new' computers of the day. I quickly realised we needed our own programs so started writing distribution software. I grew the company by developing the software until I eventually sold my shares 20 years later, but retaining the rights to the software. I continued developing the software and supplied it to several similar companies where the software is still used today.
During 1999, I was asked by a friend to develop a facility to video the live sea conditions on the south coast accessible on the internet. Working with a Linux software developer I created our first remote video application. The internet boom of 2000 allowed me to develop a commercial application forming the basis of our systems today.