Gatefy's email security solution has detected a new variation of a phishing scam that uses email spoofing. This time the cybercriminal tries to impersonate a consulting firm by saying he has a "potential investment opportunity." To increase the credibility of the scam and deceive more people, the criminal uses an email address similar to that used by other companies. That's what we call email spoofing.
As with many phishing attacks, the cybercriminal was polite and straight to the point. Take a look:
“Good day! I am reaching out to you based on a request from a private investor who is looking for a potential investment opportunity in your country. Details of investment proposal will be sent out to you on reading back from you as we deem it necessary to seek for your consent prior to any formal exchange of material information relating to the Investment. I look forward to your earliest response via my private email address. Regards, Gilbert Mboweni Email: firstname.lastname@example.org D/ Tel:+44 7459 225716"
The real intention behind the scam we don't know. It could be an attempt to gain access to sensitive information, to infect the company's network with some form of malware, or to demand payment to intermediate a partnership that will never exist.
How to identify the email scam
1. Domain spoofing
A first point that draws attention in this phishing scam is the domain alliedconsults.com. There's another address that's also used by the hacker: alliediconsults.com. These addresses are very similar to legitimate business addresses. What changes are just a few letters. This technique is called domain spoofing (more precisely website spoofing and email spoofing) and is widely used by hackers to commit internet fraud.
According to the FBI, more than 15,000 cases of spoofing were reported in 2018, totaling a loss of about USD 70 million. The FBI states that spoofing happens when "contact information (phone number, email, and website) is deliberately falsified to mislead and appear to be from a legitimate source”.
The agency separates spoofing and phishing cyber crimes into two groups, but warns that spoofing crimes usually happen in combination with other types of crimes.
2. Sense of urgency and tempting opportunity
Another interesting point to note in this email scam is the sense of urgency and the fact that it's a tempting opportunity. These are two striking features of phishing scams. By creating the impression that this is an unmissable opportunity, the fraudster captivates and wins the victim over. Then by creating the sense of urgency that the situation needs to be resolved, he ends up involving the victim, who disregards other important aspects.
3. Not so new email scam
Finally, we highlight that this is not a new scam. When searching for Gilbert Mboweni on the internet, soon you realize that there are other variations of this fraud. In some cases, even Gmail addresses were used, such as email@example.com and firstname.lastname@example.org. A search on social networks, such as LinkedIn, yielded no results.
How to fight phishing and spoofing
One of the top tips for protecting against email attacks is to be alert at all times. Therefore, when receiving a message it's important to check names, URLs, email addresses and the content. If necessary and if you feel suspicious, try confirming the message in another way, such as with a phone call.
For companies, adopting protection and awareness solutions helps reduce and mitigate the risk of data breaches. Read more about cybersecurity solutions that fight and prevent spam, ransomware, viruses, phishing and other advanced threats. It's a good way to reinforce your protection and ensure the security of your data and information.