After years of doing business with a company, emailing back and forth with its bookkeeper about past-due invoices, you realize that one of the invoices they are asking about was already paid.
You were asked by email to send the check to a totally different address and person than normal.
You didn’t think too much about it because the email it came from is a trustworthy source…
…or is it?
I was contacted by a client and we realized a $10,000 invoice was paid, but to the wrong person. The client had been duped.
How did it happen?
A phishing email conned the bookkeeper out of their Office365 credentials. The message looked just like Microsoft asking for an Office365 sign-in. Once the hacker had the credentials, he got into the bookkeeper’s email account and started watching traffic with clients.
He found his targets and registered a new domain with one letter changed.
For example:
- The old domain name was thisisanexampleoNLy.COM but
- The scammer registered a new domain, thisisanexamplenoLNy.COM.
- The targets were now emailing back and forth with a scammer using the email address bsmith@thisisanexamplenoLNy.COM.
A simple letter adjustment, but if you are not paying attention it will slide right by, and in this case it did.
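A mail filter or accounts-payable check can catch this kind of near-miss domain automatically. The sketch below is an added example, not code from the incident: the function names, the `KNOWN_DOMAINS` list and the distance threshold of 2 are assumptions, and the sample From headers are constructed from the example domains above.

```python
from email.utils import parseaddr

# Assumption: domains of vendors you already pay, taken from verified records.
KNOWN_DOMAINS = ["thisisanexampleonly.com"]

def osa_distance(a, b):
    """Edit distance: insert, delete, substitute and adjacent swap cost 1 each."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i] + [0] * len(b)
        for j, cb in enumerate(b, 1):
            cur[j] = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb))
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                cur[j] = min(cur[j], prev2[j - 2] + 1)  # swapped neighbours
        prev2, prev = prev, cur
    return prev[len(b)]

def classify_sender(from_header, known_domains, max_distance=2):
    """Return (verdict, closest known domain or None) for a From header."""
    _, addr = parseaddr(from_header)  # use the real address, not the display name
    if "@" not in addr:
        return ("invalid", None)
    domain = addr.rpartition("@")[2].lower().rstrip(".")
    known = [d.lower() for d in known_domains]
    if domain in known:
        return ("known", domain)
    closest = min(known, key=lambda d: osa_distance(domain, d), default=None)
    if closest and osa_distance(domain, closest) <= max_distance:
        return ("lookalike", closest)  # near miss: confirm by phone before paying
    return ("unknown", None)

if __name__ == "__main__":
    # Constructed From headers using the example domains from the text.
    samples = [
        "B Smith <bsmith@thisisanexampleoNLy.COM>",
        "B Smith <bsmith@thisisanexamplenoLNy.COM>",
        "billing@unrelated.example",
    ]
    for header in samples:
        print(header, "->", classify_sender(header, KNOWN_DOMAINS))
```

A "lookalike" verdict is a reason to hold the payment and call the vendor on a number already on file, not proof of fraud on its own.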
Two things to remember:
- Be careful opening email and clicking on links. If you are already signed into Microsoft Office365 and a sign-in page pops up, be careful, as this could be hackers trying to get your credentials.
- Know who you are dealing with and verify the email address is correct.
If you send money regularly to a business and they have new wiring or mailing instructions, beware: you may be the victim of a scam.
The criminals can take several months of emailing back and forth with your clients to prepare them for the scam.
If something looks off or feels off, it probably is.
A simple phone call to your vendor or client can help you avoid some painful financial losses.