Welcome to Thunderdome

I fucking HATE lazy piles of shit that work hard to never work.

Our payroll person got an email today from our CFO requesting to change the account his direct deposit goes into. She, thankfully, recognized it wasn't a legit email address and notified me. I had her reply and ask for the account number, which the person provided.

Cops were called and report filled out. Hopefully, they catch the person. I'm sick and fucking tired of businesses blowing these fraud attempts off and not doing anything.

Somehow, they knew who the payroll person was, and in a bit that might be a coincidence, the CFO was traveling today. That's concerning.

The comptroller here had previously related to me a story about a company that went bankrupt because the president's email had been compromised. The thief knew he'd be traveling on a certain day, and thus, unavailable to confirm details. The thief emailed a specific person in their accounting department for a very large check to be cut immediately, and "be waiting for me when I land". The check was cut, and it broke the company.

Leisher wrote: Our payroll person got an email today from our CFO requesting to change the account his direct deposit goes into. She, thankfully, recognized it wasn't a legit email address and notified me. I had her reply and ask for the account number, which the person provided.

Yeah, so there's a 0 percent chance the person gets caught, give or take.

Leisher wrote: Somehow, they knew who the payroll person was, and in a bit that might be a coincidence, the CFO was traveling today. That's concerning.

One of the largest targets for cyberthieves these days is companies (particularly midsized ones as they have decent money, but often fewer controls/safeguards) to prey upon their financial systems. Often, email accounts have been hacked, and you may even see a trail of emails forwarded out of the accounts, etc. They'll spend a considerable amount of time on a single company as they know that they can often get 6 to 7 figure paydays from these companies with proper execution.

There's a good chance your payroll person, or someone else, click on a phishing email and has been compromised, imho

Yeah, I've already advised them to take the appropriate steps to ensure a compromised account gets re-secured.

Leisher wrote: Yeah, I've already advised them to take the appropriate steps to ensure a compromised account gets re-secured.

Do yall use MFA for email?

Not at the moment, but it's on my wishlist.

I'm also currently working on adding "External Email" on inbound emails since 85% of the morons I work with failed a social engineering test hack.

Leisher wrote: since 85% of the morons I work with failed a social engineering test hack.

That's happened everywhere I've been. My last company was the only one that explicitly tested (I passed!), but lots of people I worked with fail real-life tests.

I had a fake invoice show up. For web hosting services.

Cakedaddy wrote: I had a fake invoice show up. For web hosting services.

Yeah, I've received that as well. I had a co-worker drop it off asking for approval. I did not approve it.

First job out of college at a small company and I was a secondary ringer for the company's main line. If the main phone line rang x times and nobody picked up, I'd route the call to me. Usually just technical calls about our molecular biology product.

One day a guy calls and seems very familiar, not the tentative scientist type I'm used to. I got talked into attempting to find some information about the "big" printer we used in the back. The back meant the lab, and I would need to go there to check. I put the call on hold and went looking.

At first I thought the guy was working with our boss, who was very Chinese, and often communicated to me through his accountant or lawyer in a similar fashion.

I go to the back and discover we use like 4 different models of large production printers. Returned to the call and asked him which one he wanted info about. He said "Any of them." AND FINALLY alarm bells went off. I asked "Why?" and he hung up.

Apparently, the scam is that they send the business an entire pallet of price gouged toner, if they can record an employee saying the model number and a confirmation of some kind.

If we'd have had one model printer I might have paid for that one.

TheCatt wrote:

Leisher wrote: since 85% of the morons I work with failed a social engineering test hack.

That's happened everywhere I've been. My last company was the only one that explicitly tested (I passed!), but lots of people I worked with fail real-life tests.

Our new company did the same test. Of 14 people, 6 didn't get the email cuz our spam filters blocked it, 6 deleted/reported the email, and 2 clicked.

Unrelated, but wasn't sure where to post: If you come home with a clothing tag stuck on your legit purchase, the burning method is more reliable than the fork method.