Cybercriminals are constantly adapting their approach to deceive their targets and increase their success rate, says J2 chief executive officer, John McLoughlin.
J2 is a security-focused African technology business founded in 2006 to address the need for effective cybersecurity, governance, risk and compliance solutions in Africa.
McLoughlin says there is a new trend developing that speaks directly to this phenomenon, it is an adapted version to completing a successful change of bank details fraud.
“Many people have seen and encountered the standard approach to change of bank details fraud, also known as invoice fraud. This is where an attacker pretends to be a supplier, they create fake change of bank details letters and email the accounts department to get bank details updated.
“The attack method is nothing new, but the execution has simply evolved. The end game is the same, to steal your money but the criminal syndicate now uses the fact that most people are working from home to target their prey with a more personal approach.”
McLoughlin said cybercriminals use the phone to identify themselves as the supplier’s finance contact person. The call is friendly, includes some small talk, pandemic discussions and is made to sound unique, right down to using the correct accent.
“The cyber attacker informs your team that they’re changing banks and asks about the process to do so. They then confirm the details and send this via email. As this is expected, your finance team has a higher likelihood of being tricked and falling for it.”
Criminals often uses messaging apps like WhatsApp and Signal to confirm the details have been sent and will then call back again a short while later to confirm receipt of the details and to answer any questions or concerns.
“This adaptation has been necessitated to get around the usual verification process in place at a business. The attacker does their own verification with your finance team, increasing their success rate exponentially,” McLoughlin said.
He said there have been different versions and differing levels of sophistication in these attacks, including highly targeted attacks where the cybercriminals have spoofed the supplier’s telephone numbers.
“Awareness is key, making your end-users aware of changing methods and bedding down your processes will help and is part of our drive for cyber resilience. Externally you should be using every possible method to secure yourself and your reputation.”