We’ve received all sorts of phishing emails - from the assassin that was after ‘our severed hands’ to TV Licensing to Netflix, it seems like there’s no end to these sneaky little scams. We’re taking a look at a more targeted email this month; one that pertains to be from someone in our office.
This is the email that our receptionist Katherine received (the dotted red line is an addition of ours). As you can see, unlike most of the phishing emails that turn up in our inbox, this one is incredibly sparse. Usually phishing emails will give you a little more information, like a deadline or a failed payment notification, as well as a bunch of fancy graphics. This is to convince victims that they’re dealing with the legitimate business that they’re pretending to be.
In this email, however, the sender tag is doing the hard work for the phishers. By using one of our Directors as the sender, the phisher is hoping that we won’t look at this email too closely. The usual tricks we might use to decipher whether we’re looking at a forgery - a close look at the language and looking for spelling or grammar mistakes - isn’t going to help much here. As the email isn’t pertaining to come from a business, the odd spelling mistake isn’t going to be too suspicious.
However, there is an emphasis on a deadline; the sender is wanting something to be done quickly. On its own, this isn’t too suspicious - same day payments are fairly run of the mill for some businesses. But it’s our first indication that we might be dealing with a forgery.
The follow up email is similarly, frustratingly short. This is unusual for our office, although it might be normal for other businesses. There isn’t a lot to go on here either, other than the obvious - the email addresses. The first email, rather than being from Dave Scott’s email address, is from [exec@securedirecmaill.co.uk]. Here we do get the spelling mistakes we can expect from a phishing email - the missing ‘t’ from direct, and the double ‘l’ at the end of mail. However, if you’re not taking a close look at the email address this is very easily missed.
The second email address is different, [md@securedirecmail.co.uk]. Although this is fairly high on our list of suspicious phishing scam signs (who changes their email address in the middle of conversation anyway), the signs are still pretty subtle. Even someone looking at the email address closely might read the ‘md’ or the ‘exec’ and assume that they were talking to a Director of the company. Luckily, Katherine isn’t about to send £5,887.93 to someone who isn’t in our database, and so the scammer left empty handed.
This kind of phishing scam is tricky, because in assuming the role of one of our Directors, we’re automatically going to be less suspicious. However, there are ways that you can avoid getting taken in by these kinds of scams - in addition to checking the senders of emails, and checking if they’ve misspelled a word in their email address.
When your business is required to send a large amount of money, a phone call is always going to be better than an email. Contact the sender directly, without using the email address that they’ve provided, ideally just giving them a quick ring to confirm. Pick up the phone, and just ask them to verify the email you’ve received. As always, it’s better to be safe than sorry.
Tweet us @TranscenditUK
