Internet security first Symantec has issued an alert about spam campaigns involving fake wire transfer request emails. Symantec said such mails try to get the recipient to process a payment for non-existent goods or services by way of a wire or credit transfer.
“The scammers send an email to a target recipient usually pretending to be from the CEO or a senior executive of an organisation. The scammers will usually send the fake wire transfer emails to employees working in the finance department of a company, as those employees will have the ability to action payment requests,” a blog post said.
The company warned that scammers were found registering domains similar to the target domain. “For example, if a scammer was targeting a user at exampledomain.com they might register the domain exampledoma1n.com or exaampledomain.com. So for example, you might receive an email sent to you at firstname.lastname@example.org from CEO@exaampledomain.com,” it said, adding that the scammer here is hoping users might not notice the subtle difference in domain.
It was noted that the scammers are sending the emails out on the same day that they are registering the domains. This is likely in the hope that they can extract payment before the domain is reported and suspended.
If you receive a wire transfer request that seems out of the ordinary, always check that the sender is who they say they are. Ask yourself: is it normal procedure for your CEO to decide that you’re the best (or only) person to help in that situation? Check the email headers to see where the email has originated from.
If you receive an email with a thread that you’ve supposedly been sent before, check with the person who has supposedly sent the email. Reply to the sender but obtain their email address using your company’s address book in your email client.