Police say that a bulk of victims are companies that have overseas dealings and primarily use email to communicate
Authorities are warning businesses about email impersonation scams, saying that victims have already lost $19 million from January to September of this year.
According to police reports, 165 cases have already been reported in that time, a 20% rise from last year within the same time period.
Moreover, they found that it usually involved businesses with overseas dealings who primarily use email to communicate.
“Scammers first hack into either the victim’s or victim’s business partner’s email accounts,” they said in a statement to Channel News Asia.
“They will obtain information from emails and impersonate someone whom the victim has dealings with, such as a business partner. They then create spoofed email accounts to communicate with the victim and ask for money.”
They further warned that these spoofed accounts “look very much like the genuine email address”.
While they said they are working with foreign counterparts on the issue, they said that successfully recovering lost money is rare.
To avoid becoming a victim of this scam, police said businesses “should be mindful of sudden changes with [their] business partners or creditors’ payment instructions and accounts”.
When in doubt, they further advised businesses to:
1) Verify changes in bank account details over the phone;
2) Use previous phone numbers as numbers within the email might already be compromised;
3) Educate employees about these scams, particularly those responsible for making fund transfers.
Related stories:
How should companies deal with data security when they have a BYOD policy?
Workers suffering ‘anticipatory stress’ from emails
Employers warned of data hoarding among IT staff
According to police reports, 165 cases have already been reported in that time, a 20% rise from last year within the same time period.
Moreover, they found that it usually involved businesses with overseas dealings who primarily use email to communicate.
“Scammers first hack into either the victim’s or victim’s business partner’s email accounts,” they said in a statement to Channel News Asia.
“They will obtain information from emails and impersonate someone whom the victim has dealings with, such as a business partner. They then create spoofed email accounts to communicate with the victim and ask for money.”
They further warned that these spoofed accounts “look very much like the genuine email address”.
While they said they are working with foreign counterparts on the issue, they said that successfully recovering lost money is rare.
To avoid becoming a victim of this scam, police said businesses “should be mindful of sudden changes with [their] business partners or creditors’ payment instructions and accounts”.
When in doubt, they further advised businesses to:
1) Verify changes in bank account details over the phone;
2) Use previous phone numbers as numbers within the email might already be compromised;
3) Educate employees about these scams, particularly those responsible for making fund transfers.
Related stories:
How should companies deal with data security when they have a BYOD policy?
Workers suffering ‘anticipatory stress’ from emails
Employers warned of data hoarding among IT staff
