We recently reached out to NB Communication & GTS due to our concern over the rise of hijacked email threads and spoofing emails that have been targeting Shetland’s businesses over the past couple of months. Both GTS and the team at NB agreed that this was a serious problem and was something that should be fought head on.
We have produced a letter detailing the warning, accompanied by a poster that can act as a constant reminder of the threat that can lurk in an email. The repercussions of falling victim to email fraud can be devastating for your business and/or your customers so it’s crucial that you are suspicious with any emails that are in regard to financial information and act with caution – phone and check is the simple rule you should be following.
We have put out a mailshot of around 500 of Shetland’s businesses, made up of our clients and customers. If you are looking to receive the letter and poster then do not hesitate to get in touch. We have also contacted Shetland press, including the Shetland Times and the online Shetland News to expand reach – especially since this isn’t just hurting businesses. Customers are also being affected and losing, or at risk of losing, serious amounts of cash.
Online criminals are spoofing emails and intercepting and hijacking emails and then asking for the money to be sent to the new details. They will often set-up email addresses similar to the usual sender/recipient which makes it look as though it is coming from a trusted, legitimate source. The email will often only show their display name rather as their actual email too, which makes it look all the more real unless you really look at it.
Spoofing emails are usually specifically targeted attacks where the scammer researches the business before setting up emails to pretend to be employees and either send emails to other employees with financial power or target customers to detail payment changes. It’s very easy to find out details about those within a business, then subsequently set-up an email to pretend to be an employee and email accounts departments or financial officers.
Hijacked email threads are a little more complicated and with this, the email has either been intercepted due to poor security, a business or client’s emails being compromised or hacked. With this, the scammer will be on the look-out for any threads of emails detailing banks or money and will then get involved pretending to be one of the two and ask for the payment to be sent to the new bank details.
It’s advised to simply exercise extreme caution and always be suspicious of any emails that relates to financial information. Thousands of businesses across the United Kingdom are being targeted and this is mirrored in Shetland – you can no longer have the mindset that this ‘won’t happen to me’, therefore it’s vitally important to take this matter seriously. As mentioned, the repercussions of complacency can be extreme to both business, supplier and customer.
Protect your money, and it is advised that businesses make it clear to colleagues and people you deal with that your policy and procedure around financial information
Make it clear to your clients and customers that you would never ask for a change of bank details via email. You can easily add disclaimers to your emails or make it clear at the first point of contact.
Make it clear to those that handle finances to be suspicious of all emails detailing bank details and money. Always ask questions and phone and confirm the change of details.
Professional bespoke website design and home of the IRIS Website Builder.learn more
Let the power of Microsoft Office 365 streamline your business and save you money.learn more
We build custom business software designed around your specific needs.learn more
We help businesses appear higher in search results and promote themselves more effectively online.learn more