Think you are the only ones that receive scam emails? Nope. P3C receives them too! Take a look at this example of a scam email that came to our accounting mailbox. The attackers bought a domain name similar to one that is used by a real business, so they invested some money into their scam to make it look more legit.
The message from “Grace” in this case puts a fake forwarded message right below the scam attempt. The fake message looks like it came from “Bradley O”. Anyone that knows Brad at P3C can tell he does not sign emails this way. But—the attacker is trying to put the accounts payable department at ease by showing that “Bradley O” already approved the at
tached invoice and it is just overdue for payment.
Pretty slick hey? A simple yet practical scam to get someone to send money without thinking. How do you avoid falling for it?
- Train your people to recognize scams
- Set up rules for how money exits the company
- Make sure you have approval limits, sign off points, and verification methods before invoices are paid
- And remember—think before you click!
