By Clint Larson, 303tech
A few months ago, we received a call from a client about some missing emails. Upon investigation those missing emails turned out to be much more than that.
Several weeks prior, some of this company’s email accounts were compromised. Not just one, or two, but as many as five accounts. The hackers gained access through a simple email request to verify the email credentials, and then they waited patiently for their opportunity. They had access to the CEO, CFO, AR, Executive Assistant, and the Help Desk. The hackers waited, going through email accounts, learning how the company operated, and with whom.
One day, the CEO received a call from one of their clients explaining that they were pulling the money together and he would have it by the end of the week. The CEO, confused, started inquiring about what he was talking about. For the last week, the customer had been receiving emails from the CEO, CFO, and AR about multiple outstanding invoices. These emails started out kind enough, but soon turned very demanding. The emails were requesting hour by hour progress on the payment which needed to be wired into the account immediately. The sum: $1,845,000. The exact amount of the outstanding balance.
Fortunately, that client was able to pull back the transfer before any money was lost.
Hackers have easy, affordable access to more and more sophisticated systems. They are no longer just sending out an email campaign in hopes of someone clicking on it. It is one thing to steal the identity of a person, but what happens when they steal the identity of an entire company? This is easier than you think. Once they have access to the emails, they can setup phone systems, start making calls, and request money be directed to anywhere they desire.
What if this was a title company looking for a mortgage payoff? What if this was a request from a management company looking to transfer the reserves to a new management company? What if this was a vendor looking for a deposit before work could begin?
Would you know how to spot it? Would you know what to do?
There are hundreds of scams in cyberspace.
Business Identity Theft
That’s just the tip of the iceberg.
The real estate industry lost over $18 million in October of 2017. That is just the real estate industry, and in a single month. We are a part of that industry.
What can you do?
Follow some simple rules about emails:
- Are you expecting this email?
- Is this the type of email this person would typically send you?
- Is there a call for immediate action (click a link or open attachment)?
These three things may seem simple enough! If you follow them you are going to save yourself, your company, and your clients a lot of headaches.
Other items such as; email addresses being misspelled, improper grammar, special characters like Ⱨere or Ɱy, and learning to hover over a link to see where it is actually going to take you. All of these things will help prevent these malicious attacks.
What to do if you are a victim.
- Change all of your passwords.
- Contact your Bank/Financial institution and put a fraud alert on your accounts
Contact ReportWireFraud@state.co.us ReportWireFraud.com
- Be prepared with email requesting funds w/wiring instructions
- Email Headers (IT people can get that)
- Also report this to IC3.gov
If you need any further information, please contact CBI or 303tech.