What is happening?
Fraudsters are using phishing emails to steal usernames and passwords, allowing them to hack your personal or business email accounts.
They then troll and monitor your email account for an opportunity to intercept an invoice. For example, when you are purchasing goods and awaiting an invoice on email, or if your business is sending an invoice by email.
The scammers intercept an email, change the bank details on the invoice and send it on for payment. In many cases, they use spoofing to make the email address seem credible and trustworthy. Spoofing changes a letter or domain in the email address to make it appear legitimate.
The recipient pays the invoice thinking it comes from a legitimate source, when in fact the money is paid into the scammer’s account.
How to protect yourself
Here are some tips to help you prevent this fraud:
- If you are running a business, you can pre-empt this type of attack. Let current and new clients know that your banking details will never change. If they receive any correspondence announcing a change in bank details, advise clients to contact you and verify your banking details before they pay.
- You can also consider leaving your bank details off your invoices and calling clients to give them this information instead.
- If you are an individual who is supplying banking details, do not email invoices with bank details. Instead, give your banking information directly over the telephone.
Stay alert from email hacking and phishing
In our increasingly digital age, cybercrime is on the rise. However, not all fraud relies on sophisticated technology. Sometimes a common, simple deception can separate you from your money. For Fraud information from the authorities, click the links below to find out more.
Search articles in