New E-mail Scam Targeting Invoices and ACH Payments
There is a new scam where hackers take over a brand’s email account and request payment via ACH. This financial scam recently happened to a brand that we know. Please note: Bridge has not been a victim of this scam. We are warning businesses to ensure it does not happen to our friends.
Here is how the scam works:
1. A hacker takes control of an employee’s email account by obtaining its credentials, such as the Microsoft email user ID and password. This is likely done via a scam email, pretending to be from Microsoft Office 365, that asks the employee to sign in to the software.
The hacker sends many versions of this email to all of the employees of the brand in hopes that one (or more) employee will click it.
2. Once the hacker obtains the employee's user ID and password, they change all the rules governing the email account, which allows them to send and receive emails as the employee. This gives the hacker control of the email account and allows the hacker to send a scam email to the brand's customers. The scam email states that the brand no longer accepts payment via checks and that all payments going forward will need to be made via ACH bank transfer. The fake employee email lists the hacker's own bank and bank info as the new payable account for the brand. After this email, the hacker starts hounding the brand’s customers with additional emails demanding immediate payment on all open invoices.
Fortunately for the brand that experienced this scam, its customers always pay on time and they had no invoices over 30 days old. The “pay me now” emails from the hacker posing as the brand employee frustrated the recipients. Finally, a customer called the brand to ask the brand to stop bugging it about payments that were not due yet. This is when the brand uncovered the scam. The brand was very lucky to uncover this scam before any money was sent to the hacker's bank account.
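One way a mail administrator could spot the rule changes described in step 2 without waiting for a customer to call, shown as an added example that is not part of the original post. The record layout (`Operation`, `UserId`, `Parameters`) is an assumption modelled on Microsoft 365 audit log exports; the events, addresses, folder list and function names are constructed for illustration.

```python
import re

# Audit operations that create or change mailbox rules.
RULE_OPERATIONS = {"New-InboxRule", "Set-InboxRule", "UpdateInboxRules"}
FORWARD_PARAMS = ("ForwardAsAttachmentTo", "ForwardTo", "RedirectTo")
# Folders an employee rarely opens (assumed list; tune it for your tenant).
HIDING_FOLDERS = {"rss feeds", "rss subscriptions", "conversation history",
                  "junk email", "deleted items"}
PAYMENT_WORDS = {"invoice", "invoices", "payment", "payments", "ach"}


def review_rule_event(event, org_domain):
    """Return the reasons a mailbox-rule audit event needs a human look."""
    if event.get("Operation") not in RULE_OPERATIONS:
        return []
    params = {p["Name"]: str(p["Value"]) for p in event.get("Parameters", [])}
    reasons = []
    for name in FORWARD_PARAMS:
        for addr in re.split(r"[;,]", params.get(name, "")):
            addr = addr.strip().lower()
            if addr and not addr.endswith("@" + org_domain.lower()):
                reasons.append(f"{name} sends mail outside the company: {addr}")
    if params.get("DeleteMessage", "").lower() == "true":
        reasons.append("rule deletes matching mail")
    if params.get("MoveToFolder", "").strip().lower() in HIDING_FOLDERS:
        reasons.append(f"rule files mail into {params['MoveToFolder']!r}")
    words = set(re.findall(r"[a-z0-9]+",
                           params.get("SubjectOrBodyContainsWords", "").lower()))
    if words & PAYMENT_WORDS:
        reasons.append("rule matches payment terms: "
                       + ", ".join(sorted(words & PAYMENT_WORDS)))
    return reasons


def triage(events, org_domain):
    """Map each affected mailbox to the reasons its rule change was flagged."""
    flagged = {}
    for event in events:
        reasons = review_rule_event(event, org_domain)
        if reasons:
            flagged.setdefault(event["UserId"], []).extend(reasons)
    return flagged


SAMPLE_EVENTS = [  # constructed records, not real log data
    {"Operation": "New-InboxRule", "UserId": "ap.clerk@brand.example", "Parameters": [
        {"Name": "SubjectOrBodyContainsWords", "Value": "invoice;ACH;payment"},
        {"Name": "MoveToFolder", "Value": "RSS Feeds"},
        {"Name": "ForwardTo", "Value": "collector@mailbox.example"}]},
    {"Operation": "New-InboxRule", "UserId": "sales@brand.example", "Parameters": [
        {"Name": "MoveToFolder", "Value": "Newsletters"}]},
]
```

Calling `triage(SAMPLE_EVENTS, "brand.example")` flags only the accounts-payable mailbox; the ordinary newsletter rule passes untouched.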