Evan was at a client site doing some maintenance. The Controller got an email from the daughter of the owner asking if she was available to send out a same-day payment. It just so happens that the two ladies were in the same room when the email came in, so the hunt began.
As Evan was checking out the original email, he noticed that there was one extra letter in the domain name. You really had to look closely to see that it was off, since it was an extra letter ‘i’ right in the middle. This means whoever was running this scam had an email address with one of the current user’s names, purchased a domain name which was one letter different than the ‘real’ one, then sent it out.
This isn’t some bulk email blast trying to trick people. This is a targeted, methodical effort that took time and investment to pull off. Of course the ‘fake’ domain address was blacklisted right away, and everyone in the office was made aware, but this is very serious.
When was the last time you looked your employees in the eye and told them to be careful on their (your) computers?
Businesses are under attack, and the perpetrators are determined, clever, and getting more sophisticated each day. Be careful, and tell your staff to be careful!