We have seen a dramatic increase in the number of “Spear Fishing” attacks over the last month, so thought it was time we discussed it. We here at Boundary were targeted this week, and have had several reports from clients who have been similarly targeted.
Spear Fishing is the term used for an attempt to receive a fraudulent payment by spoofing emails. The emails generally target the accounts mailbox, and are spoofed to appear to come from one of the owners / directors of the company. Where they get the relevant names from is unknown, but most likely it is from online resources such as LinkedIn or Companies House.
The one we received this week had the text “I need you to process a Faster Payment” to a new beneficiary, can you handle this right now? Payee details attached.” and they are usually some variation of this. They used to be easy to spot because of the poor spelling and grammar, but recently they have upped their game.
The best protection from this is your internal processes – making sure new payees have to be signed off before being setup, and that the bank sort code actually matches with a UK bank.
Please take a minute to look at the below link.