Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.




788 posts

Ultimate Geek
+1 received by user: 18

Subscriber

Topic # 209158 15-Mar-2017 11:11
Send private message

This morning I received an email from someone pretending to be the officer of an incorporated society I belong to. 

 

They are asking me to confirm that I'm able to send the funds ASAP and if so, they will send me the account details. My position in the society is Treasurer. The person supposedly sending the message is the Chair.

 

It appears to have been sent from an xtra address (personal email of chair) however the raw source shows a different address (reagan.com domain). The Reply-To field is also different (gmail address).

 

Is this an issue with Spark/Yahoo and their previous security breach or has the computer of the chair been compromised? I doubt it's the latter. Why spoof the email when you have control of the system?

 

Report to DIA?






Create new topic
3135 posts

Uber Geek
+1 received by user: 1166


  Reply # 1736724 15-Mar-2017 11:35
Send private message

A number of people's xtra accounts seem to have been affected by this.  I known of three.





Mike

Guv

78 posts

Master Geek
+1 received by user: 16


  Reply # 1736726 15-Mar-2017 11:38
One person supports this post
Send private message

Not just xtra - its happening with others as well.

 

its a spear phishing scam.

 

G


 
 
 
 


BDFL - Memuneh
59058 posts

Uber Geek
+1 received by user: 10340

Administrator
Trusted
Geekzone
Subscriber

  Reply # 1736730 15-Mar-2017 11:41
Send private message

It happens a lot and it's usually targeted. The scammers find a company or society with some of the officer's name in the open, check a list of leaked email addresses and spoof a message from there.

 

Ignore.





318 posts

Ultimate Geek
+1 received by user: 12


  Reply # 1736771 15-Mar-2017 11:54
Send private message

All you can do is implement strict email filtering, educate users and establish solid business processes for validating funds transfers e.g face to face, 4eyes etc.


Create new topic



Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Netatmo launches smart home products in New Zealand
Posted 20-Nov-2017 20:06


Huawei Mate 10: Punchy, long battery life, artificial intelligence
Posted 20-Nov-2017 16:30


Propel launch Disney Star Wars Laser Battle Drones
Posted 19-Nov-2017 21:26


UFB killer app: Speed
Posted 17-Nov-2017 17:01


The case for RSS — MacSparky
Posted 13-Nov-2017 14:35


WordPress and Indieweb: Take control of your online presence — 6:30 GridAKL Nov 30
Posted 11-Nov-2017 13:43


Chorus reveals technology upgrade for schools, students
Posted 10-Nov-2017 10:28


Vodafone says Internet of Things (IoT) crucial for digital transformation
Posted 10-Nov-2017 10:06


Police and Facebook launch AMBER Alerts system in NZ
Posted 9-Nov-2017 10:49


Amazon debuts Fire TV Stick Basic Edition in over 100 new countries
Posted 8-Nov-2017 05:34


Vodafone VoIP transition to start this month
Posted 7-Nov-2017 12:33


Spark enhances IoT network capability
Posted 7-Nov-2017 11:33


Vocus NZ sale and broadband competition
Posted 6-Nov-2017 14:36


Hawaiki reaches key milestone in landmark deep-sea fibre project
Posted 4-Nov-2017 13:53


Countdown launches new proximity online shopping app
Posted 4-Nov-2017 13:50



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.