Spoofing the Boss

Krebs on SecurityWe saw a great new post about spear phishing written by by Brian Krebs, author of the Krebs on Security. It’s so good, we wanted to share it with you:

Judy came within a whisker of losing $315,000 in cash belonging to her employer, a mid-sized manufacturing company in northeast Ohio. Judy’s boss had emailed her, asking her to wire the money to China to pay for some raw materials. The boss, who was traveling abroad at the time, had requested such transfers before — at even higher amounts to manufacturers in China and elsewhere — so the request didn’t seem unusual or suspicious.

Until it did. After Judy sent the wire instructions on to the finance department, something about the email stuck in her head: The message was far more formal-sounding than the tone of voice her boss normally used to express himself via email.

By the time she went back to review the missive and found she’d been scammed by an imposter, it was too late — the employee in charge of initiating wires at her company had already sent it on to the bank.”

Read the rest of the post.

To learn how Sendio employs specially filters to eliminate phishing attacks while still letting all legitimate emails in, call (949) 274-4375 or fill out this form to schedule a demo.