Fake Internal Email Alert – Impersonated Domain
Watch out for those emails pretending to come from your managing director.
I recently had a companies Finance Manager contact me about an email he had received. He had received this email from his boss, the Managing Director, asking him to pay a client nearly £10,000 for services they had provided. The Finance Manager responded with a question about bank accounts and got a reply within 15 minutes with account details.
He was suspicious as he had just spoken to the Managing Director and also the tone of the email was not quite in keeping with their usual exchanges (although very very realistic – no spelling mistakes, no poor grammar etc). He confirmed this payment with the Managing Director (via phone) and found he hadn’t sent it. (Apparently this company has a policy of double checking either in person or over the phone anyway for an unscheduled payment, so hopefully this would be caught anyway).
This is when I get contacted – to find out who had hacked into the Managing Directors email account.