In the past few weeks, Tekmanagement Inc. has seen an increase in fraudulent emails soliciting funds transfers from our clients. The requestor of the transfer will obtain information about the business in order to send a convincing request. In one recent case, the requestor created an email address similar to the CEO of the business. They then sent an email to either the CFO or another member of the finance team. The email requested a transfer of funds to an overseas bank account.
Many businesses place the names of their management on their website. This information is also available through online directories and social media. This makes it very easy for cyber criminals to find the information.
In one case, the requestor of the funds impersonated the domain name of the business, and simply added an extra letter to the domain. They then used the name of the CEO with the new domain name in the request. Example: email@example.com instead of firstname.lastname@example.org. Notice the missing ‘e’ in tekmanagment.com.
In another case, the requestor used a completely different email address, but used the name of the CEO in the contact information as well as the signature block.
Please instruct your finance team to be on the lookout for emails such as these. They should always question requests for funds, passwords, or other private information. I would also recommend that you include a second way to confirm someone’s identity before making such a transaction. As you can see email alone is not a good way to identify who is communicating with you.
Please contact your Tekmanagement team if you have questions, concerns, or have fallen victim to this threat. (541) 779-4777