Email / Malware / Phishing / Spear Phishing / SCAMS

Happy Holidays to all our clients and friends.  Below is an exciting read detailing new email scams and a reminder about the current ones making the rounds.


We're writing for 3 reasons:


1) to educate you on what "spear phishing" and BEC email scams are (hover your mouse over the link to the left before clicking. Does it look legit? It should link to a security blog in this case, NOT show some crazy website)


2) to alert you to a new scheme the bad guys have cooked up


3) to give a quick review of other email scams out there


Many of our clients have already seen the "please transfer $$ dollars to this bank account in China" email that appears to come from their CEO or finance director.  These can sometimes be a bit tricky to spot (look for grammatical mistakes, a writing style not typical of the boss you know and love, or something "off" in the email address or name).


A more sophisticated scam now involves the bad guys getting access to your vendor's email system and then intercepting messages and changing the wiring instructions to the bad guy's bank account - very clever.  The email comes from a trusted vendor, it references a known order, invoice or PO and simply asks you to update your billing systems with their new information.  


How do you protect against these?


There are a few technical reasons why not all of these messages can be caught in a filter and they vary based on mail servers, DNS settings, filter settings and mail provider policies.  The rule of thumb is that you cannot depend on technology to keep all of these out.  


The answer is user education and departmental processes.  Anytime there is a request for money to be sent, especially via wire, ACH or electronically, have a process in place to check all information.  This could include a verbal check-in with your boss AND vendor, a mandate that 2 people approve everything, and so on. Anytime someone requests any kind of change - same thing.  This is less of an issue with paper checks, as they can be canceled and take longer to clear, but the same principle applies: if a vendor or business partner changes anything related to receiving money, do a verbal check with all parties involved.


Please be sure to review ALL email correspondence with a critical eye.  If you see an email from someone you know that asks you to do something, especially one that wants you to click on something or send them information - STOP. Re-read the email and look for the context of the request. If it has none, send a NEW email to the person and ask if they just sent you something, or call them (after all, maybe their email is compromised). Every click has the potential to open up a world of hurt on you and your business.


Below I'll include screenshots of emails representing all these tricks, including:


1) the invoice-attached email containing the dreaded cryptolocker - either a zip or Word document (invoice for what? who is this person? is there any context for the email? send to us first)


2) scan sent from fax/copier (did you send it? Do you normally receive a scan from a copier that you haven't initiated yourself? again, what is the context for the email?) send it to us first


3) resumes, invoices and other things with attachments that you aren't expecting, especially zip files


To sum up, verbal checks are good, sending money based on one email communication is bad.


Please forward any email you suspect to our helpdesk (help@moonrivers.com) or your dedicated MoonRivers IT contact and we will review it before you do anything.

Feel free to forward this email along if you think it will help others.


---------------------------------------------------------------------------------------------------------------------------------------

---------------------------------------------------------------------------------------------------------------------------------------


Stay away from zip attachments! Zip files can hide all sorts of dangers.  If you aren't waiting for a zipped-up attachment from someone, send to us!

Don't open it, we'll check for you.




---------------------------------------------------------------------------------------------------------------------------------------

---------------------------------------------------------------------------------------------------------------------------------------



Watch out for links to websites you have never heard of.  Send to us if you are unsure.





---------------------------------------------------------------------------------------------------------------------------------------

---------------------------------------------------------------------------------------------------------------------------------------


Hover over the link to see where the website is taking you.  Amazon wants your business! They won't just terminate your account. Send to us!



---------------------------------------------------------------------------------------------------------------------------------------

---------------------------------------------------------------------------------------------------------------------------------------



Be wary of ANY WIRE REQUEST you receive.  Don't just wire it; verbally check with someone or send to us for review.




---------------------------------------------------------------------------------------------------------------------------------------

---------------------------------------------------------------------------------------------------------------------------------------


Did you just scan something? If not, who did? No context? Don't open it! Send to us.



---------------------------------------------------------------------------------------------------------------------------------------

---------------------------------------------------------------------------------------------------------------------------------------


No context here for the request, just asks you to click and sign - Don't do it! Send to us




Contact our helpdesk 24/7 at: help@moonrivers.com

We provide a full range of IT services including network / server / computer setup and management, email solutions and security, helpdesk, website hosting, VOIP integration and more.

Contact info@moonrivers.com for more information on how we can help your small business.

