This week has seen another two clients targeted by cyber-criminals.
In the first, a client has had her PayPal account accessed illegally and thousands of dollars in funds stolen.
In the other, criminals hacked the client's email account and tried to steal money by emailing the bank on his behalf.
In the first case, it is most likely that the PayPay account was able to be accessed because it was protected by a simple password that had been used by the victim for every online account and subscription.
All that is required is for one of these accounts to be hacked, or for one of these subscriptions to be un-secured or fraudulent, and the person will have given away access to all their online accounts (including PayPal).
A friend has sent you a document! (No they haven't !!!)
In the second case (and perhaps in the first as well), the problems started with an email that came from a friend, but that was really a malicious email that resulted from that person's mail account being hacked previously.
I was particularly worried about what I saw when called in to diagnose and fix this client's problem.
This client clicked on the document link, and entered his email address and password to, as instructed, access the supposed document via his live.com account.
Here's what happened next!
- Everyone in the victim's live.com address book immediately received the same malicious email that looked like it came directly from the victim (thereby spreading the problem further).
- The criminals logged in to the victim's email account and saw some banking correspondence between the victim and the bank.
- They then sent emails to the bank from the victim's email account asking for funds to be transferred to an overseas account.
- They also placed an 'email rule' in the victim's email account, so that any communications from the bank to the victim were immediately deleted.
- Finally, they set the mail account up to send 'alert' emails to an email address (not belonging to the victim) whenever the victim made a change to password or security.
Luckily, the bank recognised that the emails asking for transfer of funds offshore were most likely fraudulent.
They contacted my client, and suspended the client's online banking temporarily until his email accounts had been checked and computer cleared of any spyware or other malicious software.
In our investigations, we found that his account had been accessed from an IP Address in Sydney, and an attempt had been made to access it from Vietnam (after he had changed his password).
Here's what's really frightening!
It is frightening to think how many people have been caught out by this problem, and are perhaps unaware that they have then left themselves open to all sorts of ongoing issues caused by opening up their email to criminals. Many will have not even changed their password.
The thing that is even more frightening is that just changing your password may not be enough to secure your account. While these criminals have access to your account, they are able to change the settings - perhaps so that all your incoming emails are forwarded to another address, thereby gaining continued access to everything you receive!
What should you do ?!
If you think you may have ever fallen victim to one of these fraudulent emails, you most definitely need to change your password and, ideally, set up something called 2-step verification as additional protection from future hacking attempts. Make sure any password you use is different to any other password you have used fro online accounts.
But you also need to go further and check your email setup to make sure the criminals have not 'planted' anything else in your account.
And don't delay!
Call iTandCoffee if you are not sure how to do this - 1300 885 420.