A clever new email scam is being targeted at businesses in Sutton Coldfield – aimed at stealing thousands of pounds.
In a chilling development, hackers have been accessing bosses’ email accounts, and waiting for them to go on trips abroad before striking.
“What makes this scam both clever and worrying, is that the hackers play a long game,” said local IT security expert Mark Dodds of Compex IT.
“Hackers get into the boss’s email account. In the past they would have done instant damage and got out. But now they sit and read emails, and over a period of months look for ways to steal cash.”
Sometimes that’s by intercepting bank account or card details shared on email.
But the most cunning hackers wait till the boss is away on a foreign trip before striking.
“They send an email to staff asking for urgent access to a critical system, or for an urgent bank payment to be made,” Mark said.
“It looks like it’s come from the boss, but it’s actually from the hacker. They will drop in a few facts that the staff know are true, such as where the boss is holidaying and what the weather is like.”
He added: “Many staff are completely fooled, so go ahead and set the payment up. It can be days before anyone knows there has been a security breach, and by then it’s usually too late to stop it.”
Mark and his team have put together a series of security measures designed to help local businesses prevent this kind of fraud.
They’re making details of the scam public, to try to help more owners and MDs be aware.
Compex IT was formed in 2004 and now looks after many local businesses in the Birmingham area.