E-mail spoofing is becoming more and more prevalent and targeted in recent months. E-mail spoofing is the creation of an e-mail message with a forged sender address attempting to make the recipient believe it is from a legitimate source. Industry experts report that the quantity of spoofed e-mails is going down but the quality of the e-mails being sent is going up. These e-mail messages typically target employees in positions with access to sensitive information and appear to come from someone in leadership at a company. These e-mails may include official company identifying information up to and including company logos.
Below is an example of a spoofed e-mail:
Jason (Name of an Accounting Clerk),
How are you doing? I need you to setup an outgoing wire transfer of $18,250.22 to the account below. We’ve got to make a deposit on our acquisition. Please keep this quiet as many people do not yet know about this transaction.
Bank Name: First Nation B&T
Holder’s Name: James Rogers
Account Number: 123456
Routing Number: 123456
E-mail me the confirmation number when it’s done. I’ll be here.
Thanks,
Roger (Name of the CEO)
The above names were fictitious but imagine if you received that e-mail and it looked like it was from your CEO and had your company logo. The best advice that I can give is some you’ve heard for quite a while, if it JDLR (just don’t look right) it probably isn’t. We all get busy and our attention gets diverted so it is easy for us to forget to apply the JDLR filter before clicking a link or taking action on something that looks legitimate. The security of information starts with you. Take just a few moments when you receive a message that doesn’t quite look like a legitimate request to verify with the sender, either with a new e-mail or a phone call, that they were actually asking you to complete this action.
All Arc, All the Time 