Cybercriminals continue to target those in financial positions in an attempt to gain access company finances.
Today we had an instance where one of our clients was exposed to a targeted cybercrime attack via email. Not to be mistaken with a ransomware or phishing, a targeted attack requires both research and dedication on a cybercriminals behalf.
The cybercriminal will first do extensive research on the company that they would like to target. He or she does this by looking at digital content from places like social media and company websites. Once they have all the information they require, which is typically information about the business owner and CFO, they will start their targeted email attack.
GET YOUR FREE GUIDE HERE - Five ways to stay safe online
When the cybercriminal sends the email, it will look something like the image below. The email is a short, direct and always about money.
The staff at Evolve IT were amazed at the level of detail and research from this cybercriminal.
Here are a few things we spotted in this short email:
Sent from iPhone
The cybercriminal researched the business owner and found that most of their email was sent from an iPhone
They sent the email midmorning when the CFO would be reading their emails
“Follow Up” is not a subject line that you want to receive from a business owner. This an attempt to create panic and force an impulse decision.
Once the CFO replies to the email, the cybercriminal comes back swiftly as they have captured their attention.
In this email, they put in all their bank details which is more than likely linked to an offshore account. The amount is generally substantial, in this case they have asked for $39,000.
When the CFO did not reply, the cybercriminal completed a followed the request.
Luckily the CFO picked up that it was a targeted attack and forwarded the email to our support team where it was investigated immediately.
Email although a very valuable part of many businesses, it is also an older technology with various well-known technical limitations which can potentially lead to security issues if not identified and addressed appropriately.
How Evolve IT can help
At Evolve IT, we specialise in helping CFOs fight back against cybercrime through quality ICT solutions. We focus on your specific needs and create customised solutions to suit