Sophos<\/a> solutions), make sure to first check the domain of the incoming email. We all know about the case of the "fina email" that came from the domain fina.online instead of fina.hr. All strange domains, like the ones mentioned, should be suspicious. In this particular email, the problem was an attachment that, once opened, would install a malicious program on the user's computer and lock the documents. After that, a new email would arrive in which the user would be invited to pay a ransom, in cryptocurrencies, in order to be sent a program that would unlock the same documents. Even those who pay the ransom do not get everything back. Precisely because they are "easy victims", they "pay" and the attacker will want to use them as much as possible. So - do not open attachments before "taking a look" at the domain.<\/p>\nA case from the neighborhood \u2013 intercepted mail<\/p>\n
A company in our neighborhood, which has been working with an Italian supplier for years, was left without a substantial sum of money. Namely, the email with payment information that the supplier sent them was intercepted. The content remained the same except for the recipient's account number. The email was sent from a very similar address, which contained the sender's first and last name, the company name, but with a small addition to the domain. The thing that worked in the attacker's favor was that this very same supplier had changed the account number several times, and this fact was not unknown to the person responsible for payment. The money was transferred, and by the time the fraud was discovered (when the real supplier warned about the non-payment), it had been debited from the account.<\/p>\n
We are including all of these examples to warn you and, at least in part, to point out what you need to pay attention to. Until the next blog post\u2026<\/p>","protected":false},"excerpt":{"rendered":"
The term computer fraud refers to all frauds where attackers, usually via malicious email, illegally gain a profit at the expense of the victim. We have all received an email at least once from a \u201chigh-ranking official from Nigeria\u201d who needs help with a bank transaction, and in return we would receive a 30% of, very often, a large sum of money. Everyone is aware today that this is a simple scam, and this fact has prompted hackers to try harder, to be more resourceful. As a result, today we have more and more successful scams. In fact, there is an entire industry based on hacking attacks where you can even buy attack tools online and have \u201csupport\u201d provided. The last in line are emails from a \u201ccompany director\u201d or \u201chead of accounting\u201d to carry out a financial transaction with instructions about the recipient (who is often abroad). These days, the media columns are full of the case from \u0110akovo, where the head of finance, on the orders of the "mayor", paid almost 50,000 euros into an account in the UK. In this case, the hacker created an email almost identical to the mayor's, and the employee carried out the task without prior verbal consultation with the mayor. Whether the city of \u0110akovo will ever get its money back remains to be seen. You can best see how well hackers can disguise an email and what tricks they use in the following video: Link What to do? First of all, protect your computers, servers, and mailboxes. Once you have done this (if you haven't, feel free to contact us, we offer excellent Sophos solutions), make sure to first check the domain of the incoming email. We all know about the case of "fina's email" that came from the domain fina.online instead of fina.hr. All strange domains, like the ones mentioned, should be suspicious. In this particular email, the problem was an attachment that, once opened, would install a malicious program on the user's computer and lock the documents. After that, a new email would arrive in which the user would be invited to pay a ransom, in cryptocurrency, in order to be sent a program that would unlock the same documents. Even those who pay the ransom do not get everything back. Precisely because they are "easy victims", they "pay" and the attacker will want to use them as much as possible. So - do not open attachments before "taking a look" at the domain. Case from the neighborhood - intercepted email A company from our neighborhood, which has been working with a supplier from Italy for years, was left without a considerable sum. Namely, the email with payment information that the supplier sent them was intercepted. The content remained the same except for the recipient's account number. The email was sent from a very similar address, which contained the sender's first and last name, the company name, but with a small addition to the domain. The thing that worked in the attacker's favor was that the same supplier had changed the account number several times, and this fact was not unknown to the person responsible for payment. The money was transferred, and by the time the fraud was discovered (when the real supplier warned about non-payment), it had been debited from the account. We are citing all these examples to warn you to be careful and, at least in part, to indicate what you need to pay attention to. Until the next blog post...<\/p>","protected":false},"author":7,"featured_media":11832,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[1],"tags":[285],"class_list":["post-7942","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorized","tag-arhiva"],"acf":[],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/fortuno.hr\/eng\/wp-json\/wp\/v2\/posts\/7942","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/fortuno.hr\/eng\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/fortuno.hr\/eng\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/fortuno.hr\/eng\/wp-json\/wp\/v2\/users\/7"}],"replies":[{"embeddable":true,"href":"https:\/\/fortuno.hr\/eng\/wp-json\/wp\/v2\/comments?post=7942"}],"version-history":[{"count":1,"href":"https:\/\/fortuno.hr\/eng\/wp-json\/wp\/v2\/posts\/7942\/revisions"}],"predecessor-version":[{"id":11408,"href":"https:\/\/fortuno.hr\/eng\/wp-json\/wp\/v2\/posts\/7942\/revisions\/11408"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/fortuno.hr\/eng\/wp-json\/wp\/v2\/media\/11832"}],"wp:attachment":[{"href":"https:\/\/fortuno.hr\/eng\/wp-json\/wp\/v2\/media?parent=7942"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/fortuno.hr\/eng\/wp-json\/wp\/v2\/categories?post=7942"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/fortuno.hr\/eng\/wp-json\/wp\/v2\/tags?post=7942"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}