Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.




765 posts

Ultimate Geek
+1 received by user: 13


Topic # 209158 15-Mar-2017 11:11 Send private message quote this post

This morning I received an email from someone pretending to be the officer of an incorporated society I belong to. 

 

They are asking me to confirm that I'm able to send the funds ASAP and if so, they will send me the account details. My position in the society is Treasurer. The person supposedly sending the message is the Chair.

 

It appears to have been sent from an xtra address (personal email of chair) however the raw source shows a different address (reagan.com domain). The Reply-To field is also different (gmail address).

 

Is this an issue with Spark/Yahoo and their previous security breach or has the computer of the chair been compromised? I doubt it's the latter. Why spoof the email when you have control of the system?

 

Report to DIA?






Create new topic
2350 posts

Uber Geek
+1 received by user: 774


  Reply # 1736724 15-Mar-2017 11:35 Send private message quote this post

A number of people's xtra accounts seem to have been affected by this.  I known of three.





Mike

Guv

76 posts

Master Geek
+1 received by user: 16


  Reply # 1736726 15-Mar-2017 11:38 One person supports this post Send private message quote this post

Not just xtra - its happening with others as well.

 

its a spear phishing scam.

 

G


 

 



BDFL - Memuneh
57834 posts

Uber Geek
+1 received by user: 9445

Administrator
Trusted
Geekzone
Subscriber

  Reply # 1736730 15-Mar-2017 11:41 Send private message quote this post

It happens a lot and it's usually targeted. The scammers find a company or society with some of the officer's name in the open, check a list of leaked email addresses and spoof a message from there.

 

Ignore.





280 posts

Ultimate Geek
+1 received by user: 8


  Reply # 1736771 15-Mar-2017 11:54 Send private message quote this post

All you can do is implement strict email filtering, educate users and establish solid business processes for validating funds transfers e.g face to face, 4eyes etc.


Create new topic



Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Telecommunications monitoring report: Are you being served?
Posted 24-May-2017 11:54


NetValue partners with CRM Provider SugarCRM
Posted 23-May-2017 20:04


Terabyte looms as Vocus users download 430GB a month
Posted 19-May-2017 14:51


2degrees tips into profit after seven lean years
Posted 19-May-2017 09:47


2degrees growth story continues
Posted 17-May-2017 15:25


Symantec Blocks 22 Million Attempted WannaCry Ransomware Attacks Globally
Posted 17-May-2017 12:41


HPE Unveils Computer Built for the Era of Big Data
Posted 17-May-2017 12:39


Samsung Galaxy S8 Plus review: Beautiful, feature-packed
Posted 16-May-2017 20:14


After ten years of mail pain Spark is done with Yahoo
Posted 15-May-2017 13:12


Warnings from security firms: do not click that link or risk your computer being infected
Posted 15-May-2017 10:11


Pushpay named NZ Hi-Tech Company of the Year 2017
Posted 15-May-2017 09:59


Passive Optical Lan means fibre to the desktop
Posted 12-May-2017 17:09


Finalists Named for 2017 CIO Awards
Posted 11-May-2017 20:00


Exhibition to showcase digital artwork from across the globe
Posted 10-May-2017 18:54


Accelerate 2017 to focus on navigating disruption with a design thinking mindset
Posted 10-May-2017 18:49



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.