Near-Identical Domains & Hijacked Email Threads: How To Stay Alert To Email Fraud

Last Summer, we joined forces with NB Communication & GTS to put out a huge mailshot to Shetland businesses to alert them to the serious threat of email fraud as scammers continued to target Shetland businesses. We produced a poster (email us if you want a copy for your workplace office) and accompanied it with a letter detailing the threat, what to look out for and methods that should be implemented into businesses to greatly reduce the chances of falling victim. 

Now, in a time of grave financial uncertainty and worry, scammers are continuing to target businesses, their customers and their livelihoods. It is a real threat and one that should not be ignored. Scams are no longer the obvious. It is no longer royalty needing to offload cash, it is no longer emails from PayPal with poor grammar or clear errors.

It is elaborate efforts to hijack your correspondence with customers, suppliers and clients and divert cash into fraudulent bank accounts before being transferred into cryptocurrency - gone without a trace, leaving you, your customers or your suppliers without huge sums of money. 

The repercussions of falling victim to email fraud can be devastating for your business and/or your customers so it’s crucial that you are suspicious with any emails that are in regard to financial information and act with caution – phone and check is the simple rule you should be following.

What The Scammers Are Doing

There is a lot that is happening, however there is a mix of three that are much more regular than the rest and these ones are what we want to alert you to. 

Similar Domains & Spoofed Emails - These are are usually specifically targeted attacks where the scammer researches the business before setting up emails to pretend to be employees and either send emails to other employees with financial power or target customers to detail payment changes. Often it can be very easy to see who might handle finances - this could be "Finance Manager" on their "Meet The Team" or simply emails to their accounts@business.co.uk email address.

They will set-up an email address and impersonate an employee and mention a change of details or sometimes raise new invoices. This could be simple emails like name.business@gmail.com or they might register a new domain that is very similar. For example, if the scammer was targeting Cola Cola (coca-colacompany.co.uk) their new domain might be cocacola-company.co.uk. This means the emails will look very similar and it can become a very easy mistake to make.

The issue with the above, is that there is nothing that is stopping digital criminals from registering domains and the like. Away from that, hackers and scammers do sometimes do breach your email security.

Hijacking Email Threads - This is a little more complicated as above. With this, the email has either been intercepted due to poor security, or a business or their client's emails have been compromised or hacked. The scammer then lurks and remains on the lookout for any thread of emails detailing bank details or mentions of money/invoices. They will then email and declare a change of bank details and that is where the payment should be made. 

How To Stop This Happening To You

Advice is to exercise extreme caution. This is the simple and straightforward piece of advice. If you are dealing with the transferal of money this goes without saying - whether that is paying invoices of tens of pounds or tens of thousands of pounds. Ensure you have two-factor authentication on your emails to help reduce the chance of being hacked or compromised. The mindset of "this won't happen to me" is really not enough and we need to adapt and learn just as those trying to steal from you are doing. 

Protect your money, and it is advised that businesses make it clear to colleagues and people you deal with that your policy and procedure around financial information

Make it clear to your clients and customers that you would never ask for a change of bank details via email. You can easily add disclaimers to your emails or make it clear at the first point of contact.

Make it clear to those that handle finances to be suspicious of all emails detailing bank details and money. Always ask questions and phone and confirm the change of details.

If you have any further questions, need advice or want help setting up secure emails, please get in touch with us. Visit https://www.actionfraud.police.uk/ for more information on email fraud and what you can do if you have been the victim of digital crime. 

Written by Regan Williamson