It's quite common to receive bank payment details in an email - after this, you'll be VERY wary!

UBT Client loses $50000 to scam!

Very recently one of our clients reported a major loss due to malicious activity - the story is a very compelling reason to be suspicious!

The $50K was made up of two payments - one to a regular business supplier, the other, most unfortunately, was to a lawyer for a house deposit.

It is apparent that the hacker was intercepting the persons emails for some length of time, and watching for large dollar values.  

$3K bill payment

An incoming statement from a supplier was received with the following note...

"Please note, we have recently moved banks. Please ensure your payment is to our new account details as follows...."

This email though had been intercepted, and the new bank details had been added - their supplier had not changed banks, and the account was duly paid into the hackers chosen bank account.  It wasn't until an overdue notice appeared that the missing money was discovered.

$45000 House Deposit

Whilst finalising a house purchase, the lawyers 'Trust Account' bank details were emailed.  Once again this email was intercepted and in fact delayed for some time longer than expected.  When it arrived, the payment was made and once again, the money was actually paid to the hackers chosen account due to bank details in the email being altered.

How did it happen?

At this point we know that the hacker gained access to the business web portal - in this case a cPanel account.  Possibly this may have been due lax password security, an old password or possibly a password that was too easy to guess.

Key Lessons

• If an email gives notification of bank details that you have not paid before - CALL the supplier directly to confirm the change.  

• If the supplier CALLS YOU - explain you will call them back in 2 minutes, hang up and look the number up directly to call them back.

IMPORTANT: DO NOT use the contact details on the email - these may also have been changed! Always look up the contact details from a reliable source.

• Change passwords for financial security regularly.

• Use random passwords with good security properties - for example; capital and lower case letters, number and symbols.

• Use different passwords for each different sites and applications

• NEVER share important passwords via email!

• Where possible use secure email settings (SSL) - your email provider can advise if this is available for you.

• If you have your own domain name, consider keeping your email separate from your website hosting.  Using a domain hosted Gmail or Office365 email account would eliminate the chance of a website or webhost hack like this from allowing your email to be intercepted.