Over the last few weeks we have heard about numerous cases of email spoofing within businesses.
But what is email spoofing?
In simple terms email spoofing is the creation and sending of emails that look like they are being sent by a genuine person. These can vary in sophistication from the very obviously spoofed, through to those that are very intricately constructed.
Within our own group we have seen some examples of the more intricate ones, where the email spoofing has produced a near replica of the employee's signature block, including links and social media references. Due to our security policies and software we have managed to deal with these without issue, but what happens if someone does make a mistake and responds to one?
What are they looking for?
As with all scams of this type the general end game of the email spoofing is to glean sensitive information and ultimately cash from your business. The most recent email we have seen purports to be from a senior member of staff asking for a bank transfer to a new supplier. The details of the supplier and bank account are obviously fake and it would be a simple mistake for a member of staff to make the payment. Luckily we had worked with the client to educate users on email spoofing and the member of staff noticed some oddities in the Director’s signature.
What can you do? Improve internal processes
The first thing any business can do is make sure the internal procedures for payments are tightened up and that there is a process for a second person to oversee any payments. This will (hopefully) help identify any strange requests that may be made for client and supplier payments.
Make sure the Senior Management team and Directors follow a set routine for arranging payments to clients and suppliers. Make sure no single person can make a request for payment without it being signed off by someone else.
What can you do from an IT perspective?
Here are a few things you can apply to your messaging systems to help reduce spoofing:
Add SPF records – a DNS record listing the servers allowed to send mail for your domain, so a receiving server can check the sending server's IP address against it and confirm the message is from where it states it is from
DKIM – signs each outgoing message with a private key; receiving servers verify the signature using the public key you publish in DNS
DMARC – allows an organisation to publish rules on what to do with emails that fail SPF/DKIM policy checks
Email Tagging – Tag all emails that arrive from an external email system to ensure employees are aware that emails are coming from an external source
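The four controls above are easiest to understand when you see how a receiving mail gateway combines them. The following Python is an added illustration written for this post, not the firm's own software or any product's code: it stands in for DNS with a small constructed table (example domains, RFC 5737 documentation IP ranges), evaluates SPF, checks DMARC alignment and policy, and applies an [EXTERNAL] subject tag. DKIM signature verification is assumed to have been done already by the gateway, so the verified signing domain is passed in rather than computed.

```python
import ipaddress
from email import message_from_string
from email.utils import parseaddr

# Constructed stand-in for DNS TXT lookups. A real gateway queries DNS; these
# domains and the documentation IP ranges (RFC 5737) are examples only.
FAKE_DNS_TXT = {
    "example.co.uk": ["v=spf1 ip4:203.0.113.0/24 include:_spf.mailprovider.example -all"],
    "_spf.mailprovider.example": ["v=spf1 ip4:198.51.100.10 -all"],
    "_dmarc.example.co.uk": ["v=DMARC1; p=reject; rua=mailto:dmarc-reports@example.co.uk"],
}
INTERNAL_DOMAINS = {"example.co.uk"}  # assumed: the business's own domain(s)


def lookup_txt(name):
    return FAKE_DNS_TXT.get(name.lower(), [])


def spf_check(domain, sender_ip, depth=0):
    """Evaluate the sending server's IP against the domain's SPF record.

    Handles ip4/ip6, include and all with the +/-/~/? qualifiers; enough for
    the illustration (RFC 7208 defines more mechanisms than this).
    """
    if depth > 10:  # RFC 7208 lookup limit
        return "permerror"
    records = [r for r in lookup_txt(domain) if r.startswith("v=spf1")]
    if not records:
        return "none"
    ip = ipaddress.ip_address(sender_ip)
    for term in records[0].split()[1:]:
        qualifier = "+"
        if term[0] in "+-~?":
            qualifier, term = term[0], term[1:]
        if term.startswith(("ip4:", "ip6:")):
            matched = ip in ipaddress.ip_network(term[4:], strict=False)
        elif term.startswith("include:"):
            matched = spf_check(term[8:], sender_ip, depth + 1) == "pass"
        elif term == "all":
            matched = True
        else:
            continue  # mechanism not implemented in this example
        if matched:
            return {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}[qualifier]
    return "neutral"


def dmarc_policy(domain):
    """Return the DMARC tags for a domain as a dict, or None if it has no record."""
    for r in lookup_txt("_dmarc." + domain):
        if r.startswith("v=DMARC1"):
            return {k.strip(): v.strip() for k, v in
                    (p.split("=", 1) for p in r.split(";") if "=" in p)}
    return None


def aligned(from_domain, auth_domain):
    """Relaxed DMARC alignment: same domain, or one is a subdomain of the other."""
    if not auth_domain:
        return False
    a, b = from_domain.lower(), auth_domain.lower()
    return a == b or a.endswith("." + b) or b.endswith("." + a)


def evaluate(raw_message, sender_ip, mail_from, dkim_verified_domain=None):
    """Return (disposition, subject) for an inbound message.

    dkim_verified_domain is the d= domain of a DKIM signature the gateway has
    already verified (None if there is none); verifying the signature itself
    is outside this example.
    """
    msg = message_from_string(raw_message)
    from_domain = parseaddr(msg.get("From", ""))[1].rsplit("@", 1)[-1].lower()
    mail_from_domain = mail_from.rsplit("@", 1)[-1].lower()

    spf_ok = spf_check(mail_from_domain, sender_ip) == "pass" and aligned(from_domain, mail_from_domain)
    dkim_ok = aligned(from_domain, dkim_verified_domain)
    authenticated = spf_ok or dkim_ok

    # DMARC: the From-domain owner's published policy decides what happens when
    # neither aligned SPF nor aligned DKIM passes.
    disposition = "accept"
    policy = dmarc_policy(from_domain)
    if policy and not authenticated:
        disposition = {"reject": "reject", "quarantine": "quarantine"}.get(policy.get("p"), "accept")

    # External tagging: anything not proven to come from our own domain gets a
    # visible marker, which also covers lookalike domains DMARC cannot police.
    subject = msg.get("Subject", "")
    if from_domain not in INTERNAL_DOMAINS or not authenticated:
        subject = "[EXTERNAL] " + subject
    return disposition, subject


# Constructed sample messages (not real mail).
SPOOF = ("From: Finance Director <director@example.co.uk>\n"
         "Subject: Urgent: new supplier payment\n\n"
         "Please arrange the transfer to the new supplier's account today.\n")
GENUINE = ("From: Finance Director <director@example.co.uk>\n"
           "Subject: Board pack\n\nAttached.\n")
LOOKALIKE = ("From: Finance Director <director@example-co.uk>\n"
             "Subject: Urgent: new supplier payment\n\nPlease call me.\n")

if __name__ == "__main__":
    print(evaluate(SPOOF, "192.0.2.77", "director@example.co.uk"))          # rejected by DMARC
    print(evaluate(GENUINE, "203.0.113.5", "director@example.co.uk"))       # SPF pass, untagged
    print(evaluate(GENUINE, "198.51.100.10", "bounces@mailprovider.example", "example.co.uk"))  # DKIM carries it
    print(evaluate(LOOKALIKE, "192.0.2.77", "director@example-co.uk"))      # accepted but tagged
```

Running it shows the division of labour: the spoofed "Director" message from an unlisted IP fails SPF, has no DKIM, and is rejected by the p=reject policy; the genuine message sent through a third-party provider with a non-aligned bounce address is still accepted because its DKIM signature aligns; and the lookalike domain is accepted by DMARC (there is no policy for a domain the attacker registered) but reaches staff with the [EXTERNAL] tag, which is exactly the oddity a trained employee should notice.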
If you have any questions or queries regarding email spoofing please get in touch.
To find out more, please call us on 0845 504 8989, or complete our contact form.