Reminds me of this story: https://blog.namics.com/2016/09/fake-president-resp-fake-ceo-trick-bei-namic... https://blog.namics.com/2016/09/fake-president-resp-fake-ceo-trick-bei-namics-zahlung-per-mail-angewiesen.html
-steven
Am 07.10.2016 um 14:46 schrieb Mike Kellenberger mike.kellenberger@escapenet.ch:
Hi all
I might be slightly off-topic here, because it's not a network issue, but it might be of interest to some of you anyway and maybe you've had customers which were affected as well.
I don't know if this ploy is new, but after having two customers affected within one week, I suspect it is.
The customer receives an e-mail with an invoice from his supplier, which he trusts and has worked with in the past. Shortly after this e-mail he receives another e-mail from the same sender and in the exact same layout stating that the company has a new bank account and that this account should be used.
The second e-mail is forged of course. We haven't beeen able to find out where the original mail gets captured (most likely on the suppliers client, because in one case, more than one customer of the supplier was affected).
The fraudulent bank account was in UK in both cases, in one case the amount was around CHF 6K, where the UK authorities did not get active, in the second case it was a 6 digit amount... That case is still ongoing.
The fraudulent bank account was already closed again in both cases when the customer realized that his transaction had gone to the wrong account (usually after the supplier asked if the money had not been transferred yet).
Have you had similar cases?
Regards,
Mike
-- Mike Kellenberger | Escapenet GmbH www.escapenet.ch +41 52 235 0700/04 Skype mikek70atwork
swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog