uc logo white
Text Size

Home

Phishing email from your Boss

Hello all- I wanted to give you a quick heads up on yet another trend in phishing. We received this email at ID Experts late last week but I have since learned that a number of people have received similar emails across the country.

Hello all- I wanted to give you a quick heads up on yet another trend in phishing. We received this email at ID Experts late last week but I have since learned that a number of people have received similar emails across the country. Their nefarious MO is to send an email to the person most likely to be in a position to send wire transfers from inside the company or organization. They send the email and make it look like it is coming from their boss. In my case, my name and correct email address appeared in the “From” header on the email and it was sent to our controller…text as follows:Sailaway2

“Hi Chuck,

Hope you are having a splendid day. I want you to quickly email me the details you will need to help me process an outgoing wire transfer to another bank. I will appreciate a swift email response.

Thanks.

Robert Gregg.”

Now Chuck knows me well enough to know that I would not start my email wishing him a “splendid day,” so he immediately was suspicious. So he did what all of us should do when we suspect something is up. He emailed me directly (did not hit reply) and forwarded the email to me for verification. He also checked the actual return path of the email he received and found it to be the following:

“Reply-To: Robert Gregg <This email address is being protected from spambots. You need JavaScript enabled to view it.>”

At this point he knew it was phishing and turned it over to our IT group. My IT guys tell me this has been around since last spring but appears to be making a comeback, so be aware. If this happens to you, you can check the return path as follows:

With the email open (remember don’t click on any attachments!)

Click File…… Properties……Internet headers….. and look in the headers for “Return Path”. If you don’t recognize the return path it is almost certainly a phishing (or in this case spear phishing) attempt.

Hope this helps in protecting yourself and your organization from the fraudsters in cyberspace.

________________

Robert Gregg, CEO of ID Experts, and a CPA by trade, has an extensive career as an executive.  As CEO of ID Experts, he is committed to protect consumers from identity theft resulting from privacy data breaches, particularly in healthcare. ID Experts provides the absolute best hands on service to prevent and remediate data breaches, and take great care of the victims of a breach.