An influx of employees working from home has opened up new network vulnerabilities for many companies and phishing emails purporting to be from trusted businesses prey on employees looking for information.

The attackers behind these malicious emails typically pose as a trusted organisation or a legitimate source such as companies you may do business with, government agencies, banks, co-workers, etc. Once hackers have gained access, they can change bank account details on invoices in order to gain fraudulent payments. If successful, these types of attacks can compromise credentials, personal and corporate data, and critical systems, opening the door to a wide array of corporate fraud.

Typically, the steps are usually as follows

1.       A malicious email is sent with a link to click

2.       Once the link is clicked, a keyboard capture programme launches, and the hacker sits and waits for a password to be entered

3.       Once the password is known, the hacker uses a browser to access the account and now has access to  the user email account

4.       The hacker then monitors the emails coming through

5.       The hacker identifies a legitimate email from a supplier regarding a payment

6.       The hacker then creates a masked email address to imitate the trusted supplier requesting payment

Normally your cyber security and anti-spam filtering will eliminate the vast majority of attacks and risks, but please be vigilant and ensure you check thoroughly prior to making payments. A request for payment to a changed bank account number is usually enough to trigger an alarm.

If you think you may have been targeted:

1. Change the password on the email account

2. Disconnect all email web sessions (this will push out the attacker)

3. Implement Multi Factor authentication, to force a secondary authentication process to a mobile phone


What you can do?

When working from home, it is a good idea to regularly update passwords and use virtual private networks (VPN) and multi-factor authentication. 

Please observe the following email best practices: 

• Be wary of emails from people claiming to work for government agencies – these agencies will never ask for personal information through an email

• If asked for corporate financial information (e.g., paying an invoice, transferring money, etc.), always validate the sender’s identity

• Verify the authenticity of charitable organisations and requests for donations before giving any financial or credit card information

• Do not respond to unsolicited communications about Covid-19 vaccinations or treatments

• Be critical of messages that instil a sense of fear or demand immediate action related to Covid-19

• Do not click links or download attachments from unknown or unexpected senders – hovering over the email address or link will reveal where the link actually goes

• Do not reveal any personal or financial information online, especially relating to a stimulus payment or business relief package

• Access information about government actions regarding Covid-19 from reputable sources like the CDC and WHO websites


If you are concerned about your cyber security, The Argyll Club IT support team can help.  Please email or call 020 3008 8885 if you would like more information on the additional services we can offer our members.