Beware of New Email Scam
Posted 22 Jan at 7:29 pm in Productivity
Proper Sky has identified a new scam that has been received by several of our customers. As your trusted cybersecurity partner, it is our duty to make you aware of these evolving threats so that you can take action to protect your organization.
Most phishing attempts we see try to redirect users to a disguised login page to steal credentials and compromise the account. Those methods are still common, but this new scam gets past the existing controls because the email contains no link and no attachment, so there is nothing for URL or attachment scanning to inspect and block.
This new scam is a purely text-based message in which the attacker tries to convince the organization to make a fraudulent payment (the pattern is commonly called business email compromise, or BEC). That makes user education even more critical in protecting your business from this particular scam: employees must be aware of it and know how to respond so they do not fall victim to the attack.
- The key feature that sets this scam apart from others is a fake email thread embedded in the body of the message, supposedly between the sender and an executive at your organization (such as a CEO, COO, CFO or board member).
- The fake conversation appears as a forwarded message in which the scammer requests a payment to settle a debt or purchase. The executive then appears to approve the payment and asks that the message be forwarded to Accounts Payable or a similar finance role. This fabricated approval is meant to convince the company to make the fraudulent payment.
- In the cases we have seen, the sender is not someone the organization knows and is likely using a fake name.
- Of the messages our customers have reported so far, every campaign failed because Accounts Payable noticed that the actual sending address used a domain that looked suspicious. That is not a guarantee, however: similar scams have been seen in the past that come from an impersonated individual the organization does know, or even from that person's compromised account, in which case the sending domain looks legitimate.
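The following is an added example, not code from the original post or from Proper Sky: a mail-filter heuristic for the pattern described above, which checks whether a message's body quotes a "From:" line belonging to the organization's own domain while the real sender is external, and whether the message carries a forwarded thread that discusses a payment with no URL or attachment for other scanners to catch. The organization domain `example.com`, the sample messages, the keyword list and the `analyze` function are all assumptions constructed for the example.

```python
import email
import re
from email import policy
from email.utils import parseaddr

# Assumption for the example: the targeted organization's mail domain.
ORG_DOMAIN = "example.com"

# "From:" lines that appear inside the body, i.e. a quoted or forwarded thread.
EMBEDDED_FROM = re.compile(r"^[ \t]*(?:>[ \t]*)*From:[ \t]*(.+?)[ \t]*$", re.I | re.M)
FORWARD_MARKER = re.compile(r"forwarded message|original message", re.I)
PAYMENT_TERMS = re.compile(
    r"\b(wire|transfer|payment|invoice|remit|pay off|accounts payable)\b", re.I)
URL = re.compile(r"https?://", re.I)


def domain_of(addr: str) -> str:
    """Return the lower-cased domain part of an address, or '' if it has none."""
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""


def analyze(raw: str) -> dict:
    """Score one RFC 5322 message for the fake-embedded-thread BEC pattern."""
    msg = email.message_from_string(raw, policy=policy.default)
    actual_sender = parseaddr(str(msg["From"] or ""))[1].lower()
    actual_domain = domain_of(actual_sender)

    body = msg.get_body(preferencelist=("plain",))
    text = body.get_content() if body is not None else ""

    # Senders claimed by header lines embedded in the body of the message.
    embedded = [parseaddr(line)[1].lower() for line in EMBEDDED_FROM.findall(text)]
    internal_claimed = sorted({a for a in embedded if domain_of(a) == ORG_DOMAIN})

    has_url = bool(URL.search(text))
    has_attachment = any(True for _ in msg.iter_attachments())

    reasons = []
    if internal_claimed and actual_domain != ORG_DOMAIN:
        reasons.append(
            f"body quotes {', '.join(internal_claimed)} as an internal sender, "
            f"but the message really comes from {actual_domain or '(no domain)'}")
    if FORWARD_MARKER.search(text) and PAYMENT_TERMS.search(text):
        reasons.append("forwarded thread that discusses a payment")
    if not has_url and not has_attachment:
        reasons.append("no URL or attachment, so link/attachment scanning cannot see it")

    # The domain mismatch is the decisive signal; the other two only add context.
    flag = bool(internal_claimed) and actual_domain != ORG_DOMAIN
    return {"sender": actual_sender, "embedded_internal": internal_claimed,
            "flag": flag, "reasons": reasons}


# Constructed sample: external sender, body quotes an "approval" from an internal executive.
SCAM = """\
From: "J. Smith" <j.smith@invoice-desk.example>
To: ap@example.com
Subject: FW: Approved - overdue invoice

Hi,

Please process the payment below today; it has been approved.

---------- Forwarded message ----------
From: Alex Lee <alex.lee@example.com>
Subject: RE: Overdue invoice

Approved. Please forward to Accounts Payable and have the wire sent today.

> From: J. Smith <j.smith@invoice-desk.example>
> Can you approve payment of the overdue invoice for 48,300?
"""

# Constructed sample: a genuine internal forward of a vendor invoice.
LEGIT = """\
From: Alex Lee <alex.lee@example.com>
To: ap@example.com
Subject: FW: Invoice 1042

Please pay this one, it is already in the system.

---------- Forwarded message ----------
From: Vendor Billing <billing@vendor.example>
Subject: Invoice 1042
"""

if __name__ == "__main__":
    for name, sample in (("scam", SCAM), ("legit", LEGIT)):
        result = analyze(sample)
        print(name, "FLAGGED" if result["flag"] else "ok", result["reasons"])
```

The mismatch check only catches the variant the post describes, where the real sender is outside the organization. As the last bullet above notes, a message sent from a compromised internal account would pass this test, which is why the verification and dual-approval steps below still matter.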
Here are a few key steps you should take to keep this from becoming a successful attack:
- Educate your employees: Specifically, accounts payable or anyone who has the authority to make payments. Make sure they’re aware of emerging scams like this and how to respond.
- Verify any payment request that rests on a conversation supposedly held between key leadership and an unknown party: if an organizational leader did not reach out to you directly, confirm the request with that leader over a channel you already trust (their known phone number or an in-person conversation), not by replying to the email or calling a number it contains. Do not make the payment until that person has authorized it directly.
- Consider implementing dual payment approvals: at least two authorized individuals must each verify a payment before the financial institution is permitted to send the funds, so a single deceived employee cannot release money on their own.
If you’re an active customer of Proper Sky, our Account Support staff is happy to review and assist you with hardening these types of controls to reduce your risk of impact. Contact us today online or call us at 215.305.8899 opt. 1 to get started.