(800) 853-2651
SHOP NOW

OT: email intercept scam - be wary

J

JML755

Well-known Member
Recently we had an offshore party (Nigerian) somehow intercept (or get a copy) of one of our accounting people's emailed invoices to a customer. They then sent an email to the company requesting payment be made to a different bank (spoofing our guy's email). They had all the pertinent information correct, job #, invoice #, etc. Just before the AP person at the company paid it, he took it to his boss who was suspicious and called us. We thought it was a "one-time" occurrence but it just happened again, so we've notified all of our customers. It's a new twist (for us) but from what I understand it's happening more and more. Most of our spoofed stuff relates to Nigerian princes and oil proceeds. But this is more dangerous as it has legitimate info in the thread and ALMOST worked. Our IT dept is working with our customer to track the source but most likely we'll just know where it's coming from without any further recourse. (Unless we can convince our president to take out Nigeria :lol:)

Just an FYI in case some of you guys handle any invoicing by email.
 
Well, let's see....what's been in the news lately?
1Things that I know of:
1) Equifax breach - kept quiet for quite some time after the fact
2) Yahoo and something else were mysteriously "down" for a while
3) few days later, Google, YouTube and Gmail also had problems

.....Anyone else see a pattern here? Someone out there's learnin' how to do stuff, and I don't think they've started on their Grand Finale yet! :shock:

Was chatting with the mail carrier this morning and he was mentioning about someone whose fancy, hi-tech auto was hacked into. Next thing anyone knew, there was an accident and the driver was killed.

OK, so I'm an ol' fuddy duddy - I don't want everything in my life to be associated with things concerning or related to internet, cellular (gee, and I have cellular internet! :lol: ), cloud-based, hi-tech everything out there. It's not the technology I don't trust - it's the people USING that technology who I don't trust!
 
Amen. I don't do online banking, I don't pay my bills online, I still write every check by
hand, I don't have a debit card, I still take all the cash I can get and I pay for most
things I buy in cash. I am still plunking around on a computer that is ten years old and
running outdated software. I am definitely not smart enough to have or use a smartphone.
And I definitely don't air my dirty laundry on Facebook.
 
See following article about University in Edmonton, AB, Canada that was scammed out of $11.8 Million CND:

http://edmontonjournal.com/news/local-news/11-8-million-transferred-from-macewan-university-accounts-in-phishing-attack


JimB
 
It's pretty easy to intercept email. If these invoices aren't encrypted and all emails not digitally signed than this would be a trivial attack and would not require an insider or a "hacked" server. Lot's of high school kids could pull this off. Until recently the problem has been sorting out all of the useless cat pictures from an exploitable piece of mail (e.g. your invoices). As computing power goes up, it's easier to have a computer sort through all of the intercepted email and find the vulnerable ones. Once a human has seen the vulnerable ones it's even easier to tweak the program to look for key words/addresses specific to your company.

Nothing should go into un-encrypted email that you wouldn't send in a postcard or thumbtack to your front door. Receivers shouldn't believe what they read in email anymore than they would an unsigned letter (having a signature they recognize).
 
Of course it's the Russians. They rigged the election, didn't they?

I don't bank or pay online either. Only an occasional online purchase but I fill it out manually, no card numbers stored on the PC. But as a guy at my bank told me, when you send a check you're giving somebody your name, address and account number.
 
You must log in or register to reply here.
Tractor Parts Tractor Manuals

We sell tractor parts! We have the parts you need to repair your tractor - the right parts. Our low prices and years of research make us your best choice when you need parts. Shop Online Today.

Copyright © 1997-2024 Yesterday's Tractor Co.

All Rights Reserved. Reproduction of any part of this website, including design and content, without written permission is strictly prohibited. Trade Marks and Trade Names contained and used in this Website are those of others, and are used in this Website in a descriptive sense to refer to the products of others. Use of this Web site constitutes acceptance of our User Agreement and Privacy Policy TRADEMARK DISCLAIMER: Tradenames and Trademarks referred to within Yesterday's Tractor Co. products and within the Yesterday's Tractor Co. websites are the property of their respective trademark holders. None of these trademark holders are affiliated with Yesterday's Tractor Co., our products, or our website nor are we sponsored by them. John Deere and its logos are the registered trademarks of the John Deere Corporation. Agco, Agco Allis, White, Massey Ferguson and their logos are the registered trademarks of AGCO Corporation. Case, Case-IH, Farmall, International Harvester, New Holland and their logos are registered trademarks of CNH Global N.V.

Yesterday's Tractors - Antique Tractor Headquarters
Website Accessibility Policy

Back
Top