GeneralFamily business being hacked
Posted:

GeneralFamily business being hackedPosted:

JQCDesigns
  • Christmas!
Status: Offline
Joined: Nov 07, 201212Year Member
Posts: 1,134
Reputation Power: 51
Status: Offline
Joined: Nov 07, 201212Year Member
Posts: 1,134
Reputation Power: 51
Any gurus out here that can help me

So basically here is the rundown

My family's business is getting hacked. When we send out an invoice to the customer via email, the email is getting intercepted, the hacker then changes the account number to his bank, and forwards the email on to the customer, and then the customer is paying into the hackers bank, I have the hackers email, and bank details, what can I do to prevent the emails from being intercepted
#2. Posted:
itsGrant
  • Christmas!
Status: Offline
Joined: Mar 30, 20204Year Member
Posts: 208
Reputation Power: 139
Status: Offline
Joined: Mar 30, 20204Year Member
Posts: 208
Reputation Power: 139
dang bro, that's bad! Good luck with getting it fixed bro.
#3. Posted:
HighRoss
  • Summer 2023
Status: Offline
Joined: Oct 11, 20186Year Member
Posts: 279
Reputation Power: 964
Status: Offline
Joined: Oct 11, 20186Year Member
Posts: 279
Reputation Power: 964
You have his bank details?
So go to the police give them his bank details and they can track him down to his bank then.

Or maybe change emails? Make a new email and send the invoices out thru that email?

And maybe download and use a VPN you won't be hacked as easily
#4. Posted:
AD4M
  • Summer 2020
Status: Offline
Joined: May 09, 201113Year Member
Posts: 2,136
Reputation Power: 146
Status: Offline
Joined: May 09, 201113Year Member
Posts: 2,136
Reputation Power: 146
A number of things you can do to lockdown the spread of misinformation to your families customers.

1. Change your email passwords (top priority)
2. Check for root causes of how this leak has happened in the first place. 9/10 times I see service users have installed something they shouldn't have on their local PC. I recommend using ESET AV scanner paired with Malwarebytes, you can Google both products. Run both of these on each device any emails are setup on, this includes mobile devices
3. Do some investigation work and you may have to contact your customers notifying them of there being a breach, depending where you are in the world. For example the UK follow GDPR set by the European Union, we have to report data loss to them to avoid prosecution.

What email service do you use? Office 365? Hosted email (hosted exchange), POP/IMAP accounts?

This is effectively my day job what you have reported. If you PM your email domain I am more than happy to complete checks for you on the dark web to see if account data has been stolen and sold.

Sorry if this comes across scary but I have seen phishing attacks like this close down small businesses.

Hope this helps dude
#5. Posted:
AD4M
  • Halloween!
Status: Offline
Joined: May 09, 201113Year Member
Posts: 2,136
Reputation Power: 146
Status: Offline
Joined: May 09, 201113Year Member
Posts: 2,136
Reputation Power: 146
Oh and to add, if you get one of your customers to send you an intercepted email via attachment (DO NOT JUST FORWARD) if you PM me and I will read the header of the email to see if it was a spoofed email or whether it legitimately came from your domain. This will help you determine whether your family member account was hacked or whether the domain was spoofed.
Users browsing this topic: None
Jump to:


RECENT POSTS

HOT TOPICS