You’ve probably all heard of phishing – malicious attempts to get sensitive private information, normally spotted in badly crafted emails from ‘your ever loving friend in Nigeria’. Recently we’ve seen a significant rise in incredibly simple ‘man-in-the-middle’ style phishing attacks where the scammers have successfully taken large sums of money off the unfortunate victim.
‘Man-in-the-middle’ attacks traditionally refer to a fairly complex hacking method of intercepting network traffic and re-directing it to a new (seemingly legitimate) destination. The man-in-the-middle is the hacker who is now in control, while you remain blissfully unaware.
The simplified phish that we’ve been seeing recently looks like this:
- The criminal (because that’s what they are) gathers intel on the target company. This can be seemingly innocent data – a letterhead, the name of the person that makes the payments, their email address, a list of suppliers or vendors. This info can also be gathered from the vendor side with information about existing customers.
- They then create an email address that is similar to the legitimate address used by the vendor for correspondence. Let’s say I buy widgets from Geoff Myers. Bad guy creates Geoff Myers (spot the difference?)
- Bad guy now starts an email conversation with me – the reality is most of us only ever look at the display name of an email sender, and that’s an exact match.
- And into the email correspondence goes a change of bank details. My next widget payment goes to the bad guy, and Geoff and I are up a creek because the bad guy’s buying bitcoin faster than you can say phish.
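An added example, not part of the original post: a small Python check that flags a sender whose display name matches a known vendor contact but whose address does not, so the message can be verified by phone before anyone acts on it. The address book, the `.example` addresses and the function names are constructed for illustration.

```python
from email.utils import parseaddr

# Constructed address book: display name -> address the vendor really uses.
KNOWN_CONTACTS = {
    "geoff myers": "geoff.myers@widgets.example",
}

def _norm_name(name):
    """Case-fold and collapse whitespace so 'GEOFF  MYERS' still matches."""
    return " ".join(name.casefold().split())

def edit_distance(a, b):
    """Levenshtein distance: single-character edits needed to turn a into b."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # deletion
                           cur[j - 1] + 1,             # insertion
                           prev[j - 1] + (ca != cb)))  # substitution
        prev = cur
    return prev[-1]

def check_sender(from_header, contacts=KNOWN_CONTACTS):
    """Classify a From: header as 'trusted', 'lookalike' or 'unknown'.

    'lookalike' means the display name matches a known contact but the
    address does not. The number is how many characters differ.
    """
    name, addr = parseaddr(from_header)
    addr = addr.casefold()
    if addr in contacts.values():
        return ("trusted", 0)
    expected = contacts.get(_norm_name(name))
    if expected is None:
        return ("unknown", None)
    return ("lookalike", edit_distance(addr, expected))

# Constructed sample headers.
SAMPLES = [
    "Geoff Myers <geoff.myers@widgets.example>",
    "Geoff Myers <geoff.myers@widgetts.example>",   # one extra 't'
    "GEOFF  MYERS <geoff.rnyers@widgets.example>",  # 'rn' imitating 'm'
    "Someone Else <someone@other.example>",
]

if __name__ == "__main__":
    for header in SAMPLES:
        print(check_sender(header), header)
```

A small distance on a "lookalike" result is the strongest signal: the address was built to pass a glance, not picked at random.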
Now this sounds so simple that surely no one will fall for it, but I’ve now heard of 3 of these in the past 2 months. The first was overseas and the bad guys luckily picked on a vendor in the cyber security space (read here for a really interesting account), the second from a local law firm who had a property transfer nearly fall victim to this, and the third from a local small business this week who paid, and lost, a large sum of money to a ‘trusted’ international supplier.
Unfortunately there is no real way that technology can help prevent these types of attacks – the emails are not spam, they do not contain viruses or links to malware, and they are carefully crafted and highly targeted. The only solution is awareness and adequate user training (and yes, technology can help with that!).
Our best advice is to protect your own information and data by implementing well managed systems (CLOUDBOX!), trust your instincts, and if you are unsure about something there’s nothing quite like picking up the phone to check.