« Poodle + Domino SSL = Mail Problems | Main| WordDOC Macro Killer »

Have you been targeted by Fraud emails?

Lately, we have seen an uptick of fraudulent emails. The fraudulent emails are only sent to one or two people in highly targeted attacks. First they locate the names of high level executives, Then "spoofed" message are sent allegedly from these executives to people empowered to disburse money  They hope the recipient will act quickly to please the executive and send money before realizing it is a spoofed message.

Many of the messages "pretend" to be internal, but that are really from external sources but use the display name of a senior executive, or that have ReplyTo to an outside domain.

For example, one attack could have this sender:

"Bill Gates" <bill.gates@micros0ft.com>

In most email systems, the display name is all you see, so a reply might miss the fact that the message is going outside the organization.

Have any of you been attacked like this? Or in other ways?

I would love to see some samples to see the variations on this attack. Post them below, or send to my email address frank_paolino@maysoft.com

Post A Comment




View Frank Paolino's profile on LinkedIn


Frank Paolino