Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.




766 posts

Ultimate Geek
+1 received by user: 13


Topic # 209158 15-Mar-2017 11:11
Send private message

This morning I received an email from someone pretending to be the officer of an incorporated society I belong to. 

 

They are asking me to confirm that I'm able to send the funds ASAP and if so, they will send me the account details. My position in the society is Treasurer. The person supposedly sending the message is the Chair.

 

It appears to have been sent from an xtra address (personal email of chair) however the raw source shows a different address (reagan.com domain). The Reply-To field is also different (gmail address).

 

Is this an issue with Spark/Yahoo and their previous security breach or has the computer of the chair been compromised? I doubt it's the latter. Why spoof the email when you have control of the system?

 

Report to DIA?






Create new topic
2543 posts

Uber Geek
+1 received by user: 873


  Reply # 1736724 15-Mar-2017 11:35
Send private message

A number of people's xtra accounts seem to have been affected by this.  I known of three.





Mike

Guv

76 posts

Master Geek
+1 received by user: 16


  Reply # 1736726 15-Mar-2017 11:38
One person supports this post
Send private message

Not just xtra - its happening with others as well.

 

its a spear phishing scam.

 

G


 
 
 
 


BDFL - Memuneh
58093 posts

Uber Geek
+1 received by user: 9634

Administrator
Trusted
Geekzone
Subscriber

  Reply # 1736730 15-Mar-2017 11:41
Send private message

It happens a lot and it's usually targeted. The scammers find a company or society with some of the officer's name in the open, check a list of leaked email addresses and spoof a message from there.

 

Ignore.





283 posts

Ultimate Geek
+1 received by user: 8


  Reply # 1736771 15-Mar-2017 11:54
Send private message

All you can do is implement strict email filtering, educate users and establish solid business processes for validating funds transfers e.g face to face, 4eyes etc.


Create new topic



Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Red Hat unveils production-ready open source hyperconverged infrastructure
Posted 23-Jun-2017 22:10


Whatever ailed Vodafone broadband … seems to be fixed
Posted 23-Jun-2017 14:10


VMware NSX Meets Stringent Government Security Standards with Common Criteria Certification
Posted 22-Jun-2017 19:05


Brother launches next-generation colour laser printers and all-in- ones for business
Posted 22-Jun-2017 18:56


Intel and IOC announce partnership
Posted 22-Jun-2017 18:50


Samsung Galaxy Tab S3: Best Android tablet
Posted 21-Jun-2017 12:05


Wellington-based company helping secure Microsoft browsers
Posted 20-Jun-2017 20:51


Endace delivers high performance with new 1/10/40 Gbps packet capture card
Posted 20-Jun-2017 20:50


You can now integrate SMX security into Microsoft Office 365, Google and other cloud email platforms
Posted 20-Jun-2017 20:47


Ravensdown launches new decision-making tool HawkEye
Posted 19-Jun-2017 15:38


Spark planning to take on direct management of all consumer stores
Posted 19-Jun-2017 10:03


Qrious acquires Ubiquity
Posted 14-Jun-2017 12:21


Spark New Zealand prepares for 5G with Nokia
Posted 14-Jun-2017 12:16


The future-proof 10.5-inch iPad Pro
Posted 13-Jun-2017 18:16


Mandatory data breach reporting in Australia
Posted 13-Jun-2017 11:30



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.