The Wall Street Journal is reporting that security firm, Secure Works, has figured out how cyber criminals break into email accounts and are able to capture payments intended for suppliers, particularly foreign vendors. In an alert to business last month the FBI Cyber Crime Department said wire frauds “may be harder to detect” because the wire-transfers involved were scheduled for legitimate suppliers.
The scam worked by hacking into web-based email accounts and secretly changing them so buyers emails were forwarded to the scammer. When a buyer from the supplier sent an order the criminals changed the order payment instructions and forwarded them without either party knowing. They also submitted modified invoices where funds were designated to be sent to the criminal’s accounts instead of the seller. Undetected, this is a perfectly executed “man-in-the-middle” attack.
How to protect yourself
As we recommended in “Passwords: the first line of Cyber Defense” you must use a complex password for all of your online accounts, and as we point out in the article there are only two ways of securely doing this. Second, you should be encrypting all of your sensitive email, and of course we recommend docNCRYPT™. It would also be good business practice to separate email addresses for invoicing and payments to add an additional level of security for companies routinely sending wire transfers.
You can read the full article in the Wall Street Journal.