Being in the technology business has its fair share of benefits and troubles. Over the past couple of months, we have experienced an alarming scam that we wanted our loyal customers to be aware of.
We are calling this scam BANK WIRE TRANSFER SCAM, and here is the information that we’ve gathered on this attack.
Overview: The goal of the Bank Wire Transfer Scam.
The primary purpose of this scam is to attempt a wire transfer via email from the victim’s (your) bank account to the hacker’s bank account. Unfortunately, we have seen the hackers be successful.
Here is how they do it…
#1 Suspicious Email
This is an example of an email that appeared to be from a familiar sender but it was a spoofed email that contained the entryway for the hacker to gain access to the victim’s email account.
If the blue “Click Document” button was clicked, it took the user to a screen that appeared to be a Google login screen (but it was not.) When the email address and password was entered, the hacker captured the information.
#2 Hacker Adapting
The next step for the hacker is to take several minutes or hours to learn about the victim. To do this, they search emails, read emails and understand who the bank is, whom the victim communicated with from their team, and how they worded emails.
#3 Create Filters & Send Email
After the hacker knows how the victim operates and communicates with their bank, they setup filters to discard (or trash) all emails that may thwart their plans. Then, they send an email to the victim’s bank contact requesting the wire transfer. The bank would typically respond via email to confirm the request (although the victim would not get this email since the filter was put in place.)
Tips on how to prevent a breach (or attack)…
- Call your bank and make sure you have voice authorization required for bank wires.
- Do not type in your email username and address into a screen that you are unfamiliar with.
- Hover over the button or link to detect the actual URL that it is directing too. If it looks fishy, do not click it.
- If the email appears strange and it is from a user or email address of a person that you know, call them and confirm they sent it.
- See if your email provider offers 2-Step authentication to prevent unauthorized access.
- Check your email filters if you suspect unauthorized access.
- Check your email security settings to make sure you are the only person logging into your email account.
- Tell your friends and family! Education is the most important tool. Share this newsletter and make sure they sign up for our newsletter here: Click to signup!
- Call us, we are always here to help!
Call us for assistance with safeguarding tips!
Click here to contact us!