August 04, 2021
Scammers Use Email to Impersonate Prominent Promo CEO
It’s another recent example of hackers targeting the promotional products industry. Get tips on how to avoid being schemed.
And the phishing attempts keep on coming.
ASI Media has learned that scammers recently impersonated a prominent CEO within the promotional products industry through email in an attempt to trick recipients into divulging sensitive information.
The email asked recipients to “kindly confirm the status of current outstanding payment/invoices if there is any. Please revert back with your statement detailing the unsettled amounts with the corresponding due dates.”
The text of the message then continued: “We would like to request that you put on hold any payments as we would like to verify with our accounts recordings and confirm your records match with our own before proceeding to complete the due payments.”
The CEO confirmed to ASI Media that the email did not come from them. A surefire giveaway that the email was not, in fact, from the CEO was that the address from which it was sent was a Gmail account, rather than a professional account. Plus, the address did not feature the CEO’s name or company in any way, rather being a generic “Billingham.rep@gmail.com.”
“No legitimate organization will send emails from an address that ends ‘@gmail.com’. Not even Google,” shares IT Governance, which specializes in cyber risk and privacy management solutions.
Indeed, suspicious email addresses are a top tip off that an email may not be from the sender it purports to be from and thus potentially a phishing attempt. Cofense, which specializes in combatting phishing scams, notes that inconsistencies in email addresses, links and domain names are red flags that a scam attempt is underway. An inconsistent domain name, for instance, may be one that’s meant to look like a legitimate company’s domain name but is actually slightly different – a clue that takes careful observation to detect but one that’s worth taking the time to uncover.
Here are 7 tips (in under 60 seconds) on how to enhance your cybersecurity. #cybersecurity #ransomware #ASIMedia #promoproductshttps://t.co/UEYNVbPmBv pic.twitter.com/gvAlE0MW7s
— Theresa Hegel (@TheresaHegel) June 4, 2021
“Does the email originate from an organization corresponded with often?” Cofense asks. “If so, check the sender’s address against previous emails from the same organization. Look to see if a link is legitimate by hovering the mouse pointer over the link to see what pops up. If an email allegedly originates from (say) Google, but the domain name reads something else, report the email as a phishing attack.”
There are other ways to spot email phishing, too. Emails that allege to be from known senders or others that demand recipients to take urgent action or face a dire consequence could indicate a hack attempt. The idea is to worry recipients and get them to take the desired action – clicking a link that launches malware, sharing financial/private information – before they can think rationally about what’s being requested and why. Another variant of this scam is “gift carding.”
“Emails originating from an unexpected or unfamiliar sender that request login credentials, payment information or other sensitive data should always be treated with caution,” Cofense advises. “Spear phishers can forge login pages to look similar to the real thing and send an email containing a link that directs the recipient to the fake page. Whenever a recipient is redirected to a login page, or told a payment is due, they should refrain from inputting information unless they are 100% certain the email is legitimate.”
Bad grammar or irregular wording in the email is another potential clue that hackers are trying to dupe you. So are odd greetings such as overly formal salutations – “Dear Sir” – especially if the email is supposedly from a colleague or another person in your professional life that you’ve interacted with before.
Scammers are coming hard after the #promoproducts industry. Are you prepared? 2-minute vid has tips for spotting the schemes. @asicentral @ASI_MBell @Melissa_ASI pic.twitter.com/JiyJnJXi4V
— Chris Ruvo (@ChrisR_ASI) June 7, 2021
As indicated earlier, hackers in phishing attempts often try to get recipients to click on links or attachments. These may be infected with malware that can cripple a company’s network, rendering computers unusable until a ransom is paid. Phishing emails can also route victims to pages where they’re asked to input information that should be kept private. Be especially leery of attachments that have an unfamiliar extension or are in the form of those often associated with malware, such as .zip, .exe, .and .scr.
“No matter how phishing emails are delivered, they all contain a payload,” It Governance notes. “This will either be an infected attachment that you’re asked to download or a link to a bogus website. The purpose of these payloads is to capture sensitive information, such as login credentials, credit card details, phone numbers and account numbers.”
Ransomware attacks and other scams advanced through email have been on the rise globally. In July, an alleged hacker gang believed to be from Russia/Eastern Europe launched an attack that reverberated across the globe and that came with a $50 million to $70 million ransom demand.
Some of promo’s biggest companies, including Top 40 firms alphabroder (asi/34063) and Bag Makers (asi/37940), have fallen victim to ransomware attacks.
For sure, scams particularly targeting promo are abounding too.
Earlier in 2021, a distributor was left on the hook for 10,000 flash drives after a scammer posed as a legitimate buyer through email and tricked the distributor into fulfilling orders for the products but never paid. ASI Media has urged all promo companies to educate employees about cons and cyber threats now – or risk the worst.