We recently had a long-standing client (mid-size organization) contact us with concern that his email was compromised while traveling overseas. Emails went to specific people in the company under the false pretense that the associate was in distress and needed monetary assistance. The nefarious email was opened and read, which infected the recipient’s laptop.
Though you may be familiar with a similar type of phishing, this incident is unique as we’ll explain.
Even tried and tested technology professionals can benefit from our experience, support and rapid response times to prevent headaches and expensive missteps when it comes to email and network security.
Technician: Vince E., Client: Names Have Been Changed
Stacy just called and believes that Chris’s email has been hacked while traveling the last few days. The hacker is masquerading with an email address similar to the CEO’s and sending out instructions to wire/transfer large funds via the included attachments.
– This was not a breach; it was an attempt at social engineering (con game). The emails are coming from a .co domain, not the company’s .com domain, but the rest of the email matches that of a C-level executive.
– Ran Malwarebytes and ESET – force closed a suspicious updater
– Verified .co is not an alternate domain for company and found suspicious domain registration (.co) created this morning
– Attack was accomplished via social engineering, not a breach/hack
These types of wire transfers are not uncommon for large companies to pay vendors and the hacker knew exactly which individual to send the email to, and who to pretend to be in order to make the request seem normal.
Problem cleaned up. Ticket closed. Client graciously thanked us for rapid investigation and resolution. Local police were notified and domain registration info was passed along to assist in investigation.
These types of schemes have been running rampant. Criminals consistently try to deceive individuals with lookalike emails to convince recipients to open attachments.
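A mail-filter check for the lookalike-domain pattern seen in this incident (a .co address imitating the company’s .com address), as an added example that is not part of the original ticket. The domain example.com, the executive mailbox name and the sample headers are constructed assumptions.

```python
from email.utils import parseaddr

TRUSTED_DOMAINS = {"example.com"}   # assumption: the organization's real mail domain
EXEC_MAILBOXES = {"chris"}          # assumption: local parts of executive mailboxes


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, computed one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify_sender(from_header: str) -> tuple[str, list[str]]:
    """Return (verdict, reasons) for the value of a From header."""
    _, addr = parseaddr(from_header)
    local, _, domain = addr.lower().rpartition("@")
    if not local or not domain:
        return "unparseable", ["no usable address in From header"]
    if domain in TRUSTED_DOMAINS:
        return "trusted", []
    reasons = []
    # Simplification: compares the leftmost label, so it assumes no subdomains.
    label = domain.split(".")[0]
    for good in TRUSTED_DOMAINS:
        if label == good.split(".")[0]:
            reasons.append(f"same name as {good} under a different TLD")
        elif edit_distance(domain, good) <= 2:
            reasons.append(f"within 2 edits of {good}")
    if reasons and local in EXEC_MAILBOXES:
        reasons.append("local part matches an executive mailbox")
    return ("lookalike" if reasons else "external"), reasons


# Constructed sample headers, not taken from the incident.
SAMPLES = [
    "Chris <chris@example.com>",
    "Chris <chris@example.co>",
    "Chris <chris@examp1e.com>",
    "Vendor Billing <ap@vendor.test>",
]

if __name__ == "__main__":
    for header in SAMPLES:
        print(header, "->", classify_sender(header))
```

A "lookalike" verdict is a reason to quarantine or banner the message and to verify any payment request through a separate channel before acting on it.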
About Social engineering
In the context of Technology & IT security, this term refers to the manipulation of people into performing actions or divulging confidential information. It’s a type of confidence trick for the purpose of information gathering, fraud, or system access, and differs from a traditional “con” because it is often one of many steps in a more complex fraud scheme.
Phreedom Technologies’ IT Security Services
As much as communications technology (domains, email) was involved in this scheme, it is almost impossible to prevent these kinds of incidents because they prey on the human factor, not technology vulnerabilities. With Phreedom, we’ll be your technology leader and reduce your security risks. These types of incidents are potentially PR nightmares for companies. We understand the need for expedient investigations and rapid response. We can also help your organization prevent other types of attacks or data security issues. Call 602.336.3450 or contact us here and we’ll follow up promptly.
Other Measures You Can Take With Our Guidance
- Establish frameworks of trust on a personnel level. Train personnel as to how sensitive information should be handled.
- Identify what information is sensitive and evaluate its exposure to social engineering and security systems.
- Establish security protocols, policies, and procedures for handling sensitive information.
- Train employees in security protocols relevant to their position and physical environment.
- Perform unannounced, periodic tests of security frameworks.