Have you ever received a terrifying email or SMS claiming someone has hacked your computer, watched you through your webcam and / or has our sensitive files? If so, you are not alone as these types of scam emails are becoming more common and are designed to frighten you into paying up. This blog article takes a closer look at how this scam works and why you should not worry. Continue reading
You can find QR codes are everywhere these days, on restaurant menus, in shops, flyers and posters. QR codes are convenient and easy to use and you can easily scan them with your smartphone camera to go to a website, a coupon, a video or some other online content. Continue reading
Quick Response (QR) codes have been around for over 20 years, but were not used a lot until recently. During the COVI-19 pandemic, businesses needed a safe, contactless solution and QR codes provided an easy way for customers to access menus, place orders, log into WiFi and more – all without touching shared surfaces. Continue reading
You probably now receive a lot more text messages today from companies that you did a few years ago. This is due to businesses trying to bypass full inboxes. Retailers have joined the trend and are urging customers to sign up for shipping alerts via SMS. The medical industry has also joined the trend with doctors and dentists sending out SMS appointment reminders. Continue reading
Every day countless phishing emails are sent to unsuspecting victims. While some of these messages are obviously fraudulent, others can be a bit more convincing.
So, how do you tell the difference between a phishing email and a legitimate one? Unfortunately, there is not one single technique that works in every situation, but here are 5 things to be on the lookout for: Continue reading
Cybercriminals are nimble crooks that capitalize on current events. Right now, they’re exploiting the coronavirus.
Click here to download our Cyber Creeps & COVID-19 ebook and you will learn about:
Email remains the number one means of a cyber attack. Cybercriminals are increasingly sophisticated and always motivated. Companies from any industry, of any size, face targeted threats preying on heightened anxiety around the health pandemic.
Don’t be caught unaware. Review the known threats, get your users up to speed, and set up an email scanning solution to reduce risks.
The executives of your company are the big fish in your sea and cyber-criminals think of them as whales. In fact, whaling is a new cyber-security threat targeting your C-suite level staff. Continue reading
A number of our clients have received an email claiming that they have been hacked and that the hackers have video taped them watching porn. To stop the hacker distributing the so called video to all their friends, they demand a ransom payment. Continue reading
Many of our clients have reported recent messages from individuals claiming to have intercepted their username and password. These emails often state they have been watching and recording your screen activity and webcam.
Businesses around the world are being targeted with a cyber-attack that sends victims a fake invoice that looks real enough to fool to most people. It is based on an old scam that used to see invoices faxed or mailed to the victims and now it has made its way into the digital world and instances are on the rise.
You may have already seen some of the less effective attempts – an email advising your domain is expiring (except it’s not from your host and your domain is nowhere near expiration) or others that describe a product or service you would never have purchased.
The new attacks though are much more advanced as they look completely legitimate and are often from contractors and suppliers you actually use. The logos are correct, spelling and grammar are spot on and they might even refer to actual work or products you regularly use. The senders name may also be the normal contact you deal with at that business as cyber criminals are able to ‘spoof’ real accounts and real people. While it is worrying that they know enough about your business to wear that disguise so well, a successful attack relies on you not knowing what to look for.
Here are two types of invoice attacks you may receive:
1) The Payment Redirect
This style of fake invoice either explicitly states that the payment should be made to a certain account (perhaps with a friendly note listing the new details) or includes a payment link direct to a new account. Your accounts payable person believes they are doing the right thing by resolving the invoice without bothering you and unwittingly sends money to a third party. The problem may not be discovered until an invoice from the real supplier comes in or the transaction is flagged in an audit. Due to the nature of international cyber crime, it’s unlikely you’ll be able to recover the funds even if you catch it quickly.
2) The Malware Link
Rather than an immediate cash grab, this style of attack asks your employee to click a link to download the invoice. The email may even look exactly like the ones normally generated by popular accounting tools like Quickbooks, Xero or MYOB. Once your employee has clicked the link, malware is downloaded to your systems that can trigger ransomware or data breaches. While an up-to-date anti-virus should block the attack at that stage, it’s not always guaranteed (especially with new and undiscovered malware). If it does get through, the malware quickly embeds itself deep into your systems and often remains silent until detected or activated.
How to Stay Safe
Awareness is key to ensuring these types of attacks have no impact on your business. As always, keep your anti-virus, firewalls and spam filters up to date to minimize the risk of the emails getting through in the first place.
Secondly, consider implementing a simple set of procedures regarding payments. These could include verifying account changes with a phone call (to the number you have on record, not the one in the email), double checking the invoices against purchase orders, appointing a single administrator to restrict access to accounts or even two-factor authorization for payments. Simple preemptive checks like hovering the mouse over any links before clicking and quickly making sure it looks correct can also help. If anything looks off, hold back on payment / clicking until it has been reviewed. Fake invoices attacks may be increasing, but that doesn’t mean your business will become a statistic, especially now that you know what’s going on and how you can stop them.
We can help increase your security, talk to us today. Call us at 08 8326 4364 or on
su*****@dp*********.au