[Treasury-News] Oregon State Treasury | Fraud Alert

Fri May 12 15:54:50 PDT 2017

[cid:image002.png at 01D2CB38.16161A00]

Fraud Alert

Spear Phishing
All organizations, including state agencies and other governmental entities, must be vigilant in combatting ever-sophisticated cybercriminals. Spear phishing, in which cybercriminals use target-specific approaches and social engineering, is a particularly challenging scam that often circumvents traditional technological defenses such as spam filters.

One Treasury customer recently fell victim to a spear phishing attack based on a legitimate vendor relationship. The customer has been paying the vendor via direct deposit since May 2016. Last month, the customer received an e-mail that appeared to be from the vendor's CEO requesting a change to the bank account information used to process payments. In actuality, the e-mail was sent by a cybercriminal. The customer replied with a request for further documentation, which the cybercriminal fraudulently provided. The customer subsequently sent a direct deposit payment to what the customer thought was the vendor's new bank account. A few days after the payment was sent, the vendor contacted the customer indicating payment had not been received. It was then discovered that the updated bank account information had not been provided by the vendor but that the customer had been defrauded by a cybercriminal. The customer is currently working with law enforcement, and fraud departments at both the originating and receiving banks, in an effort to recover some or all of the payment.

How to Protect Your Organization
While spear phishing is a sophisticated scam that relies on inside information, there are processes that your organization can use to avoid becoming a victim. In the example above, the customer could have uncovered the attempted fraud by calling the vendor at a known phone number and speaking with an authorized individual in order to confirm the requested change. When performing such a call-back process, it is important to use a phone number already on file and not one provided with the requested change.

For more tips related to spear phishing and other social engineering attacks, visit the U.S. Computer Emergency Readiness Team's website at https://www.us-cert.gov/ncas/tips/ST04-014.

350 Winter Street NE, Suite 100 | Salem, OR 97301-3896 | Phone (503) 378-4000 | www.oregon.gov/treasury<http://www.oregon.gov/treasury>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://omls.oregon.gov/pipermail/treasury-news/attachments/20170512/5a77a9b3/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 157749 bytes
Desc: image001.png
URL: <https://omls.oregon.gov/pipermail/treasury-news/attachments/20170512/5a77a9b3/attachment.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image002.png
Type: image/png
Size: 46917 bytes
Desc: image002.png
URL: <https://omls.oregon.gov/pipermail/treasury-news/attachments/20170512/5a77a9b3/attachment-0001.png>