How to Prevent an E-mail Impersonation Scam

2 min read
05 Jan 2021

Key Takeaway

  • An email impersonation scam is a type of phishing scam
  • Criminals manufacture trust by impersonating a colleague, a vendor or the CEO of a company
  • An out-of-the-ordinary message, a demand for urgent action on your part, or a request to transfer money are red flags

An email impersonation attack is a fraud that targets employees and customers with emails that appear to come from someone they trust. The criminals pose as executives, business owners, vendors or service providers and dupe people with phishing emails. They typically mimic CEOs and senior personnel and lean on that authority: the "boss" asks a junior employee or a client to transfer money, make a payment on their behalf or send sensitive information.
The whole modus operandi rests on identity deception, which raises the open rate and the success rate of these mails. The impostor may pose as an outside vendor asking for a payment, or use a look-alike corporate domain to request deposits or information.

Ever received an email that looked something like this?

One might see this email and immediately follow the instructions, since it appears to come from one's relationship manager. Look closely at the sender's address, however: the domain ends in .org, whereas Bajaj Finserv uses bajajfinserv.in. This is a classic impersonation email.

They forge the sender's name and email address with the aim of:

  • Getting counterfeit invoices paid, money transferred, or the business otherwise defrauded
  • Obtaining confidential data about your clients and your business
  • Getting the victim to click on links that compromise their computer and steal credentials to enable

Tips To Prevent E-Mail Impersonation Scam

Tip 1 - Look out for language cues
An email impersonation attack often uses language that instils fear or urgency in the recipient, pressuring the victim into acting immediately. This does not mean every urgent email should be ignored, but the language is a signal worth watching.

Impersonation emails typically involve:

  • Requests to transfer money or sensitive information at very short notice
  • Unfamiliar purchase requests, such as gift cards
  • Colleagues asking for quick changes or for personal information
  • Vendors asking for payment to a different bank account right before an invoice falls due

Tip 2 - Check the context of the email
Reason about the email you receive: why would your boss suddenly ask you to buy gift cards, or why would your lender, Bajaj Finserv, ask you to transfer money immediately for no stated reason? Instead of panicking and acting at once, stop and engage rationally with the message.
Messages that are out of the ordinary even though they appear to come from a known and trusted source, unsolicited messages, requests for information, or requests that push you to open an attachment should all raise suspicion.

Tip 3 - Check the full email address and sender name for discrepancies
Companies do put keyword-based checks in place to catch sender names and addresses that match their executives' names, but slight deviations tend to slip past these controls.

Compare the 'From' display name with the actual email address: the name may match, but the address behind it may not. When you hit Reply, check the address the reply is actually going to (the Reply-To header) and its domain; if it differs from the sender's domain, you have your answer. Watch out for common tricks such as:

  • minor spelling changes, e.g. 'ie' instead of 'ei'
  • a swapped top-level domain, e.g. .org instead of .in
  • an extra letter
  • a lowercase L (l) replaced with an uppercase i (I)

These visual similarities are what trick victims.

Tip 4 - Watch out for common tactics and phrases
Email impersonation has been around for a while, and its opening moves are recognisable. Impostors rarely jump straight to the request; they make small, harmless-looking requests first so that you take the bait.
Some common phrases: "Do you have some time on your hands?", "Are you at work today?", "Can you help me out with something urgent?", "Can you share your mobile number?" Though these messages seem harmless on the face of it, a reply confirms that your address is live, opens a conversation, and lets the impostor collect information about you that can later be misused. Be wary of official-looking emails that are personal in nature.
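The checks in Tip 3 (display name versus address, Reply-To versus From, look-alike domains with swapped top-level domains, extra letters and confusable characters) and the language cues in Tips 1 and 4 can be automated in a mail gateway or a mailbox rule. The script below is an added example written for this article; it is not code from Bajaj Finserv or from any mail product. The trusted-domain list, the confusable-character table, the phrase list, the two-label rule for the registrable domain and the two sample messages are all assumptions constructed for the example.

```python
"""Triage a raw e-mail for the sender discrepancies in Tip 3 plus the urgency
cues in Tips 1 and 4. Added example; not code from the original article."""
from email import message_from_string
from email.utils import parseaddr

# Domains the organisation really sends from (assumption for this example).
TRUSTED_DOMAINS = ("bajajfinserv.in",)

# Phrases from Tips 1 and 4 that should raise a flag (constructed list).
LANGUAGE_CUES = ("urgent", "immediately", "gift card", "new bank account",
                 "are you at work", "do you have some time")

# Characters that look alike in common fonts, folded to one canonical form.
_CONFUSABLE = str.maketrans({"0": "o", "1": "l", "i": "l", "|": "l",
                             "3": "e", "5": "s", "8": "b"})


def skeleton(label: str) -> str:
    """Visual 'skeleton' of a domain label: l/I/1/| and i collapse together,
    'rn' looks like 'm', 'vv' like 'w', so look-alike labels compare equal."""
    return label.lower().replace("rn", "m").replace("vv", "w").translate(_CONFUSABLE)


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance; catches an extra or swapped letter (Tip 3)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def registrable(domain: str) -> str:
    """Last two labels of a domain. Assumption: a real deployment consults the
    Public Suffix List so that e.g. example.co.in is handled correctly."""
    return ".".join(domain.lower().split(".")[-2:])


def classify_domain(domain: str):
    """Return a finding string for a look-alike of a trusted domain, else None."""
    reg = registrable(domain)
    if reg in TRUSTED_DOMAINS:
        return None
    label, _, tld = reg.partition(".")
    for trusted in TRUSTED_DOMAINS:
        t_label, _, t_tld = trusted.partition(".")
        if label == t_label and tld != t_tld:          # bajajfinserv.org
            return f"tld_swap:{reg}~{trusted}"
        if skeleton(label) == skeleton(t_label):        # bajajflnserv.in
            return f"homoglyph:{reg}~{trusted}"
        if edit_distance(label, t_label) <= 2:          # baiajfinserv.in
            return f"typosquat:{reg}~{trusted}"
    return None


def triage(raw_message: str) -> list:
    """Run the Tip 1/3/4 checks over one RFC 822 message; returns the findings."""
    msg = message_from_string(raw_message)
    findings = []
    from_name, from_addr = parseaddr(msg.get("From", ""))
    _, reply_addr = parseaddr(msg.get("Reply-To", ""))
    from_domain = from_addr.rpartition("@")[2]

    finding = classify_domain(from_domain)
    if finding:
        findings.append("from_" + finding)

    # Display name claims the trusted brand but the address is not on its domain.
    compact_name = from_name.lower().replace(" ", "")
    if (any(t.partition(".")[0] in compact_name for t in TRUSTED_DOMAINS)
            and registrable(from_domain) not in TRUSTED_DOMAINS):
        findings.append("display_name_mismatch")

    # Replies silently routed to a different domain than the one shown in From.
    if reply_addr:
        reply_domain = reply_addr.rpartition("@")[2]
        if registrable(reply_domain) != registrable(from_domain):
            findings.append("reply_to_mismatch:" + reply_domain.lower())

    # Language cues; plain-text, single-part messages only for this example.
    body = msg.get_payload() if not msg.is_multipart() else ""
    text = (msg.get("Subject", "") + " " + body).lower()
    findings.extend("language_cue:" + cue for cue in LANGUAGE_CUES if cue in text)
    return findings


# Constructed sample messages (not real mail) modelled on the article's example.
SPOOFED = """From: Bajaj Finserv Relationship Manager <rm@bajajfinserv.org>
Reply-To: support@bajajfinserv-desk.com
Subject: Urgent: update your account immediately

Your loan account will be blocked. Transfer the pending EMI immediately to avoid a penalty.
"""

LEGIT = """From: Bajaj Finserv <noreply@bajajfinserv.in>
Subject: Your monthly statement is ready

Your statement for December is available in the app.
"""

if __name__ == "__main__":
    print(triage(SPOOFED))
    print(triage(LEGIT))
```

The spoofed message trips every check at once: the .org swap on the From domain, a display name that claims the brand, a Reply-To on a third domain, and two urgency words. The domain check is deliberately layered: an exact label match with a different top-level domain is the cheapest case, the skeleton comparison catches I/l/1 and rn/m substitutions that an edit-distance threshold alone would also catch but without explaining why, and the edit-distance fallback catches a single extra or transposed letter. Any one finding is enough reason to pick up the phone as Tip 5 recommends.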

Tip 5 - Verify through a second channel
Enterprises should adopt multi-factor authentication (MFA, also called 2FA or two-factor authentication) to protect employee accounts and limit the impact of any credential compromise. Employees can apply the same principle to requests: if a vendor sends revised bank account details right before a payment date, call the vendor on a number you already have on file, not one given in the email, and confirm the change. Likewise, if you receive a message from your supposed boss making a personal request, always call or WhatsApp them on a known number to confirm it.

These tips are a starting point for defending against email impersonation. They work best alongside audits by enterprise IT security teams and proper detection and filtering software. The individual's job is to recognise such emails and report them, both to their employer and to the organisation being impersonated, so that those parties can act at their end.

For instance, the Bajaj Finserv email quoted at the start of this article should be brought to the attention of the company being impersonated; in that case, reach out to Bajaj Finserv at https://www.bajajfinserv.in/reach-us and report it. It is always better to be safe than sorry. Give yourself a minute to evaluate an out-of-the-ordinary email. Think before you act, and try not to be trigger-happy.

Savdhaan Rahein. Safe Rahein. (Stay alert. Stay safe.)

Disclaimer

1. Bajaj Finance Limited (“BFL”) is a Non-Banking Finance Company (NBFC) and Prepaid Payment Instrument Issuer offering financial services viz., loans, deposits, Bajaj Pay Wallet, Bajaj Pay UPI, bill payments and third-party wealth management products. The details mentioned in the respective product/ service document shall prevail in case of any inconsistency with respect to the information referring to BFL products and services on this page.

2. All other information, such as images, facts, statistics etc. ("information") that is in addition to the details mentioned in BFL's product/service document and is displayed on this page only summarises information sourced from the public domain. The said information is neither owned by BFL nor within the exclusive knowledge of BFL. There may be inadvertent inaccuracies, typographical errors or delays in updating the said information. Hence, users are advised to independently exercise diligence by verifying complete information, including by consulting experts, if any. Users shall be the sole owners of any decision taken about the suitability of the same.