0801 58 58 85, 71 707 27 09 biuro@pcservicegroup.pl

New sophisticated phishing attack – how to spot it and don’t be a victim!

Attack:

Hacker research your business, learn who is who from your website, LinkedIn etc.

Once your computer is infected with malware, hackers will search your mail for details of your suppliers, learn about payments patterns. Once hacker obtained enough information he will send you personalised email pretending to be one of your supplier requesting you to make payment. They might notify you that they have change bank and ask you to pay to new account.

This email will be directed to you with your name, with no spelling mistakes or other inconsistencies.

Once payment is made, hackers disappear with money

Discovery:

Usually will happen once original supplier will chase their payment.

Tell-tale signs are:

Incorrect email address (misspelled googl.com instead google.com)
Incorrect return email address
Change to the method of payment or account details
Chasing of the non-due invoices
Emails sent out of business hours for business that don’t operate 24/7

Prevention:

1. Make call to your supplier and double check if request is legitimate
2. Don’t use email for verification as your system can be compromised
3. Ensure you have commercial version of Antivirus with updates installed
4. Ensure that your Operating System is up to date
5. Regularly perform full antivirus scans on all computers
6. Disable direct access to internet form office and use Proxy server
7. Connection from outside office should be through VPN
8. Contact your trusted and friendly IT support team as soon as possible