LOCAL private investigator, Rick Crouch of Rick Crouch & Associates are urging the community to watch out for a business fraud scam that has been going around for some time.
He said many business owners may recognise the modus operandi.
ALSO READ: TAKE NOTE: Transnet warns of job scams
“A business will receive an email from a known vendor that they have been dealing with for some time indicating that their banking information has changed,” said Crouch.
He said while at first glance the email looks legitimate, there will be subtle differences, such as an additional letter or number in the email address that is not noticeable to the casual observer. Or the email address may be “spoofed” and look identical to the vendor’s email address.
“Clients often ask us how the scammer got their and their clients’ information. Well, it is not by chance. These are professional criminals and it may take them months to find the right target,” said Crouch.
He added that once they have identified their target they then go to the company website looking for the contact information of finance or IT executives. IT executives are the best because their accounts have access to everything.
“They will then target that employee with a spear phishing email. This email will contain a Keylogger or a Remote Access Terminal (RAT) that will install automatically behind the scenes. These Trojans quietly gather and monitor everything you do on your computer. Once they have gathered the relevant information they will then be able to remotely access your computer without you knowing,” said Crouch.
After these criminals have access to your computer they then create an email rule that will duplicate and forward any emails with your invoice, bank account etc in the body or subject of the email. These emails are forwarded to a Gmail, Yahoo or other “burner” email accounts.
Once they have this information it is not to difficult to send you an email with the vendors “spoofed” email address requesting the bank account change.
ALSO READ: Car recovery scam hits Westville
The bank account that the payment is sent to is usually opened by someone from an informal settlement that was paid to do so, the criminals have no connection to this person.
“Companies must ensure that their anti-virus software is updated regularly and that their firewall is configured correctly. Have training sessions to educate your staff on the signs of a phishing email and how to prevent it, do not put your company executives on your website. And finally, if you receive an emailed request to change banking information call the company to verify the information. Do not call any number that appears on the email but use the number you have on file for that vendor,” said Crouch.
Do you want to receive alerts regarding this and other Highway community news via WhatsApp? Send us a WhatsApp message (not an sms) with your name and surname (ONLY) to 060 532 5409.
You can also join the conversation on Facebook, Twitter and Instagram.
PLEASE NOTE: If you have signed up for our news alerts you need to save the Highway Mail WhatsApp number as a contact to your phone, otherwise you will not receive our alerts
