Mail spoofing, a cyber-threat induced by the victim

BY CAMARGUE UNDERWRITING MANAGERS

Mail spoofing and spear phishing are some of the most prevalent cyber frauds committed in businesses globally.

This current trend is disastrous to company owners, regardless of their size. Companies can procure technology such as anti-viruses and firewalls to secure their networks and while this is a necessity, it is only partially effective if managed and maintained by security specialists.

It will however not prevent a well-orchestrated spoofing or phishing exercise, which is generally perpetrated by skilled fraudsters preying on unsuspecting and inadequately trained employees.

But what happens when you fall victim to cybercrime and the loss occurred isn’t in the form of business interruption or damage to computer systems? The average business owner in 2019 has heard of an instance where a friend or fellow business owner has paid an invoice to the wrong bank account? This could have been because they received an e-mail informing them that the banking details of a regular recipient have changed. Perhaps a personal assistant or employee in the accounts department has received an e-mail from their perceived superior or CEO instructing them to immediately make payment to a specified account? However, after payment was made, it is found out that the recipient had fraudulently misguided them into making the transaction.

Spear phishing is almost always a socially engineered scenario orchestrated by skilled operators who through research find out human employee characteristics, traits and weaknesses.