The following scam has been going around for some time.
A business will receive an e-mail from a known vendor they have been dealing with for some time, indicating that their banking information has changed. While at first glance the e-mail looks legitimate, there will be subtle differences that are not noticeable to the casual observer.
Scammers are professional criminals and it may take them months to find the right target.
Once they have identified their target, they then go to the company website, looking for the contact information of finance or IT executives.
They will then target that employee with a spear-phishing e-mail.
This e-mail will contain a keylogger or a Remote Access Terminal (RAT) that will install automatically behind the scenes.
These “Trojans” gather and monitor everything you do on your computer and, once they have gathered the relevant information, they will then be able to remotely access your computer without you knowing.
After they have access to your computer, they create an e-mail rule that will duplicate and forward any e-mails with “invoice”, “bank account” etc. in the body or subject of the e-mail.
These e-mails are forwarded to a “burner” e-mail account. Once they have this information, it is not too difficult to send you an e-mail with the vendor’s “spoofed” e-mail address, requesting the bank account change.
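The forwarding rule described above is something a mail administrator can look for. The Python below is an added example, not part of the original article: it reviews a list of mailbox rules and flags any that forward outside the organisation, noting when they also match finance wording. The rule fields, sample rules, domain list and extra keywords are constructed assumptions, not the export format of any particular mail system.

```python
import re

# Assumptions for this example: the domains the organisation owns, and finance wording.
ORG_DOMAINS = {"example.com"}
FINANCE_TERMS = ("invoice", "bank account", "payment", "remittance")

# Constructed sample rules; field names are hypothetical.
SAMPLE_RULES = [
    {"mailbox": "finance@example.com", "name": "Newsletters",
     "keywords": ["unsubscribe"], "forward_to": []},
    {"mailbox": "finance@example.com", "name": ".",
     "keywords": ["Invoice", "bank account"], "forward_to": ["drop.box77@mail.example.net"]},
    {"mailbox": "it@example.com", "name": "To my deputy",
     "keywords": [], "forward_to": ["deputy@example.com"]},
    {"mailbox": "ceo@example.com", "name": "copy",
     "keywords": [], "forward_to": ["Archive <ceo.archive@example.org>"]},
]

def domain_of(address):
    """Return the lower-cased domain of an address, tolerating 'Name <addr>'."""
    match = re.search(r"@([A-Za-z0-9.-]+)", address)
    return match.group(1).lower().rstrip(".") if match else ""

def is_external(address):
    """True unless the domain is an owned domain or a subdomain of one."""
    d = domain_of(address)  # an unparseable address counts as external
    return not any(d == own or d.endswith("." + own) for own in ORG_DOMAINS)

def review_rule(rule):
    """Return the reasons a rule deserves a manual look (empty list = none)."""
    reasons = []
    external = [a for a in rule.get("forward_to", []) if is_external(a)]
    if external:
        reasons.append("forwards outside the organisation: " + ", ".join(external))
        hits = sorted({t for k in rule.get("keywords", [])
                       for t in FINANCE_TERMS if t in k.lower()})
        if hits:
            reasons.append("matches finance terms: " + ", ".join(hits))
    return reasons

def audit(rules):
    """Map (mailbox, rule name) to its reasons, for flagged rules only."""
    flagged = {}
    for rule in rules:
        reasons = review_rule(rule)
        if reasons:
            flagged[(rule["mailbox"], rule["name"])] = reasons
    return flagged
```

Calling `audit(SAMPLE_RULES)` returns the two constructed rules that forward to outside addresses; the internal forward to a deputy is not flagged.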
“If you receive an e-mailed request to change banking information, call the company to verify the information.
“Do not call any number that appears on the e-mail, rather use the number you have on file for that vendor,” said Rick Crouch, private investigator with Rick Crouch and Associates.