Nov 6 / Admin

New Scam Alert: Double-check demand payment emails from law firms: Convincing fakes surface

The A Register reported: 

A new threat group called Crimson Kingsnake is impersonating real law companies and debt recovery services to intimidate businessess into paying bogus overdue invoices.

The cybercrime gang's business email compromise (BEC) campaign is targeting marks in the US, Europe, Australia, and the Middle East using blind third-party impersonation tactics, via email addresses hosted on domains that closely resemble the firms' real domains, and sending emails that include the actual address and VAT number of the impersonated companies.

All of this is to reinforce the legitimacy of the messages, according to researchers with cloud email security company Abnormal Security. The emails look real and if the targets were to search Google for the lawyers' or law firms' names, they would seem legitimate.

Find out more with the original article here.

Enroll in Training Sessions:  Last Thursday of Every Month is Training on Frauds and New Scam Alerts and How to Combat


* indicates required