The idea derives from an old scam in which fake invoices were posted or faxed to a company, but these scams have now made their way into the digital world.
Chances are you've already seen some of the less effective attempts, like an email advising that your domain is due to expire, except that it comes from a company you have never heard of and your domain is nowhere near expiration.
There is, however, a new wave of attacks that are more advanced, in that they look completely legitimate and often appear to come from contractors or suppliers you actually use. Logos are correct, spelling and grammar are spot on, and they may even refer to real jobs or invoice numbers. The sender name may be the normal contact you'd associate with that business, or even a co-worker, because cybercriminals can effectively 'spoof' real accounts and real people. These attacks usually stem from an email account having been compromised at some point, via a weak password or a phishing scam.
Here are the two most common types:
The Payment Redirect
These usually come in the form of an invoice that you may well be expecting, except that it states payment must be made to a new bank account because the supplier has changed banks for whatever reason. Sometimes it may simply be that the bank details on the invoice have been altered. Your accounts payable person believes they are doing the right thing by settling the invoice and unwittingly sends company money offshore. The problem is usually not discovered until the real invoice arrives from the real supplier, or the supplier calls to chase an overdue payment. Because of the nature of international cybercrime, it is unlikely you will recover the funds even if you catch it quickly.
The Malware Click
This type of scam has been around a little longer. An email comes through with an invoice attached, and it often looks genuine. We have even seen mock-up attachment icons placed within the email message to look like a PDF file; however, once you click the link, malware is downloaded that can trigger ransomware or a data breach. While decent anti-virus software should protect you at this stage, that is not guaranteed, especially with new and undiscovered malware. If it does get through, the malware can silently linger in your system for a while until it decides to carry out an attack.
How to Stay Safe
As with many scams of this type, staff awareness is key. If an email or invoice says a supplier has changed their bank details, don't reply to the email to check: call the supplier on a phone number you already have on file (not one printed in the suspect email or invoice) and confirm the bank details over the phone.
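The two checks above (does the bank account on the invoice match what we already hold for this supplier, and does the sender actually match the contact they claim to be) can also be automated as a first-line triage before a human picks up the phone. The script below is an added example and is not code from the original post; the vendor master, contact names, domains, account numbers and sample invoices are all constructed for illustration.

```python
"""Triage incoming invoices against a vendor master file.

Added example, not part of the original post. All vendor names, addresses,
domains and bank details below are constructed sample data.
"""
from dataclasses import dataclass
from email.utils import parseaddr
from typing import Dict, List, Optional

# Constructed vendor master: what accounts payable already has on file.
VENDOR_MASTER: Dict[str, dict] = {
    "Acme Widgets Ltd": {
        "domain": "acmewidgets.example",
        "contacts": {"Jane Smith": "jane.smith@acmewidgets.example"},
        "bank": {"sort_code": "12-34-56", "account": "12345678"},
    },
}


@dataclass
class Invoice:
    supplier: str
    from_header: str           # raw From: header, e.g. 'Jane Smith <jane@...>'
    reply_to: Optional[str]    # raw Reply-To: header, if present
    sort_code: str
    account: str


def check_invoice(inv: Invoice) -> List[str]:
    """Return reasons to hold the invoice; an empty list means no red flags."""
    flags: List[str] = []
    master = VENDOR_MASTER.get(inv.supplier)
    if master is None:
        return ["unknown supplier: not in vendor master"]

    # 1. Payment redirect: bank details differ from the ones on file.
    on_file = (master["bank"]["sort_code"], master["bank"]["account"])
    if (inv.sort_code, inv.account) != on_file:
        flags.append("bank details differ from vendor master; "
                     "confirm by phone on the number already on file")

    # 2. Sender check: a known contact's display name on a different address
    #    (lookalike domain), or an unknown sender outside the supplier's domain.
    name, addr = parseaddr(inv.from_header)
    domain = addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""
    known_addr = master["contacts"].get(name)
    if known_addr is not None and addr.lower() != known_addr.lower():
        flags.append(f"display name '{name}' is a known contact but address is {addr}")
    elif domain != master["domain"]:
        flags.append(f"sender domain '{domain}' is not the supplier's domain "
                     f"'{master['domain']}'")

    # 3. Reply-To pointing somewhere other than From: replies go to the attacker.
    if inv.reply_to:
        _, reply_addr = parseaddr(inv.reply_to)
        if reply_addr.lower() != addr.lower():
            flags.append(f"Reply-To {reply_addr} differs from From {addr}")
    return flags


# Constructed sample invoices: a genuine one, one sent from the real (compromised)
# account with new bank details, and one from a lookalike domain.
SAMPLE_INVOICES = [
    Invoice("Acme Widgets Ltd", "Jane Smith <jane.smith@acmewidgets.example>",
            None, "12-34-56", "12345678"),
    Invoice("Acme Widgets Ltd", "Jane Smith <jane.smith@acmewidgets.example>",
            None, "98-76-54", "87654321"),
    Invoice("Acme Widgets Ltd", "Jane Smith <jane.smith@acmewidgets-invoices.example>",
            "accounts@acmewidgets-invoices.example", "98-76-54", "87654321"),
]


def triage(invoices: List[Invoice]) -> Dict[int, List[str]]:
    """Map each invoice's index to its list of red flags."""
    return {i: check_invoice(inv) for i, inv in enumerate(invoices)}


if __name__ == "__main__":
    for idx, reasons in triage(SAMPLE_INVOICES).items():
        print(idx, "HOLD" if reasons else "OK", reasons)
```

Note that the second sample invoice passes every sender check, because it really does come from the supplier's own (compromised) account; only the bank-detail comparison catches it. That is why the out-of-band phone call on a number you already hold, not anything in the email, remains the control that matters.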
It's also important, as always, to make sure your systems are up to date with Windows security patches and that you run good-quality antivirus software.