Posted on November 16, 2016

Over recent months I have had a couple of clients targeted by spear phishing attacks. In both cases the finance manager received an email, apparently from the executive director, asking about paying a client.

This was the initial email sent in one example:

Please let me know if you’re available to process a transfer (this is a payment going out). And also, what are the information(s) you’ll be needing to process it?

[Name of Executive Director]
Sent from my iPhone

Another went like this:

I need to sort out an immediate financial obligation and would require you to facilitate a prompt wire transfer operation from your office to the United States. Are you at your desk?

[Name of Executive Director]
Sent from my iPhone

These may raise flags immediately at a small organization, but in a larger one an email like this, with one staff member asking the finance department to transfer funds, is not that unusual. Most of the criminals also try to make it sound extremely time sensitive.

It is simple to spoof the sender address of an email, and in these cases that is exactly what was done: the From header carries the executive director's name and address, while the Reply-To header points any reply at the attacker's own mailbox. Depending on your email client, the actual Reply-To address may be hidden until you compose the reply, or may not be shown at all, and most people never look at these fields anyway. In both cases the names and email addresses of the executive director and of the person(s) responsible for finances are publicly listed on the organization's website.
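The header checks described above, as an added example that is not part of the original post: a small Python script that parses a raw message and flags the signs of a spoofed wire-transfer request (a Reply-To on a different domain from the From address, an executive's display name paired with an external mailbox, a Return-Path that does not match an internal From, and transfer wording combined with urgency). The organization domain, the executive name and the sample messages are all constructed for illustration; the wording of the first sample follows the second email quoted above.

```python
"""Flag BEC-style spoofed wire-transfer emails from their headers and body.

Added example, not code from the original post. The domain, the executive
names and the sample messages below are constructed for illustration.
"""
import email
from email import policy
from email.utils import parseaddr

ORG_DOMAIN = "example.org"          # assumed organization domain
EXECUTIVES = {"jane doe"}           # assumed names attackers impersonate (public on the website)
TRANSFER_WORDS = ("wire", "transfer", "payment")
URGENCY_WORDS = ("immediate", "prompt", "urgent", "asap", "are you at your desk")


def domain_of(address: str) -> str:
    """Return the lower-cased domain of an address, or '' if there is none."""
    _, addr = parseaddr(address)
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""


def check_message(raw: bytes) -> list[str]:
    """Return the reasons a message looks like a spoofed transfer request ([] if none)."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    reasons = []
    from_name, from_addr = parseaddr(msg.get("From", ""))
    from_domain = domain_of(from_addr)

    # 1. Reply-To on another domain: the reply goes to the attacker, not the executive.
    reply_to = msg.get("Reply-To")
    if reply_to and domain_of(reply_to) != from_domain:
        reasons.append(f"Reply-To domain {domain_of(reply_to)!r} differs from From domain {from_domain!r}")

    # 2. Executive's display name used with a mailbox outside the organization.
    if from_name.strip().lower() in EXECUTIVES and from_domain != ORG_DOMAIN:
        reasons.append(f"display name {from_name!r} used with external address {from_addr!r}")

    # 3. Internal From address but the envelope sender (Return-Path) is elsewhere.
    return_path = msg.get("Return-Path")
    if return_path and from_domain == ORG_DOMAIN and domain_of(return_path) != ORG_DOMAIN:
        reasons.append(f"Return-Path {return_path!r} does not match internal From domain")

    # 4. Transfer request combined with urgency wording, the usual BEC pattern.
    body = msg.get_body(preferencelist=("plain",))
    text = (body.get_content() if body else "").lower()
    if any(w in text for w in TRANSFER_WORDS) and any(u in text for u in URGENCY_WORDS):
        reasons.append("wire-transfer request with urgency wording")
    return reasons


# Constructed sample: spoofed From, Reply-To on an attacker-controlled domain.
PHISH_REPLY_TO = b"""\
From: Jane Doe <jane.doe@example.org>
Reply-To: Jane Doe <jane.doe.director@mail-example.net>
To: finance@example.org
Subject: Transfer
Content-Type: text/plain; charset=utf-8

I need to sort out an immediate financial obligation and would require you
to facilitate a prompt wire transfer operation from your office to the
United States. Are you at your desk?

Jane Doe
Sent from my iPhone
"""

# Constructed sample: executive's name on a look-alike external mailbox.
PHISH_EXTERNAL = b"""\
From: Jane Doe <janedoe.director@freemail-example.com>
To: finance@example.org
Subject: Payment
Content-Type: text/plain; charset=utf-8

Please let me know if you're available to process an urgent transfer
(this is a payment going out). What information will you need?

Jane Doe
"""

# Constructed sample: an ordinary internal request that should not be flagged.
LEGIT = b"""\
From: Jane Doe <jane.doe@example.org>
To: finance@example.org
Subject: Invoice 4711
Content-Type: text/plain; charset=utf-8

Hi, the approved invoice for the Acme contract is in the shared folder;
please schedule it in the normal Friday run.

Jane
"""

if __name__ == "__main__":
    for label, sample in (("reply-to", PHISH_REPLY_TO), ("external", PHISH_EXTERNAL), ("legit", LEGIT)):
        print(label, check_message(sample) or "no findings")
```

Checks 1 to 3 only look at headers the mail client is hiding from the user; a gateway rule built on the same logic, or DMARC enforcement for the organization's own domain, is where such a check belongs in practice, since none of these signals require reading the message body.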

My recommendation is to always have internal policies and procedures for outgoing money transfers that flag requests like these before the money goes out, especially transfers to new suppliers. Even a quick phone call between the two staff members involved, to a number already on file rather than one taken from the email, would stop these in their tracks.

