The 420 reported:
Find the original article here.
Key Takeaway: Verify bank change requests whenever there is a change in banking, not just when the request is suspicious.
Enroll in Training Sessions: Last Thursday of Every Month is Training on Frauds and New Scam Alerts and How to Combat
According to SP Sabyasachi Saraf, who supervised the investigation, cybercriminals intercepted the email communication between the Indian company and its overseas supplier and executed a carefully planned spoofing operation to divert the payment.
Soon after the transfer, the company received another email stating that the payment had allegedly been rejected and requesting that the amount be re-sent to an alternative bank account. This raised suspicion among the company’s finance team.
To verify the claim, company officials contacted the vendor directly over the phone. During this conversation, it became clear that no payment had been rejected and that the vendor had never requested any change in banking details.
Soon after the transfer, the company received another email stating that the payment had allegedly been rejected and requesting that the amount be re-sent to an alternative bank account. This raised suspicion among the company’s finance team.
To verify the claim, company officials contacted the vendor directly over the phone. During this conversation, it became clear that no payment had been rejected and that the vendor had never requested any change in banking details.
Find the original article here.
Key Takeaway: Verify bank change requests whenever there is a change in banking, not just when the request is suspicious.
Enroll in Training Sessions: Last Thursday of Every Month is Training on Frauds and New Scam Alerts and How to Combat