We wanted to give the tech community a heads up regarding a sophisticated email scam that is currently hitting tech startups.
 
This is one example we’re familiar with, but there have been a number of similar scams hitting startups all over. A London-based company have told us that they were almost caught out when their Financial Controller recently received an email, supposedly from their CFO, asking to pay an invoice. The email also contained a fake forwarded message from the Founder, also asking for it to be paid.
 
The scammers purchased a domain name very similar to the company’s URL, so at a quick glance it would look as if the email had come internally. They then set up a fake email address for the CFO. They did their homework and found out the Founder’s name, CFO’s name and Financial Controller’s name, so the email chain looked legitimate. This company spotted the discrepancy in time, but we’re warning all startups to be vigilant.
 
Our Recommendations:

  • Beware of emails that are seemingly internal, but have a different reply address
  • Look out for any email address seemingly from a colleague asking for a password
  • All employee accounts should have a 2-step verification process in place
  • If you’re not sure about an invoice, double-check

 
We now know they have targeted a number of tech startups. We’re not sure if it is the same group operating, but we advise everyone to be extra specially careful when it comes to money matters.
 
Be careful out there!
 
Team ihorizon