In today’s ever-connected world, businesses are increasingly at risk of cyber attacks. Unfortunately, even the most well-protected companies can fall victim to sophisticated email spoofing scams, as one Mumbai firm recently learned the hard way.
Andheri-based manufacturer Refractory Shapes Pvt Ltd has lost nearly Rs 10 lakhs to suspected Chinese scammers in what appears to be a case of email spoofing. The company, which produces refractory glass and buys raw materials from China, filed a complaint with the Andheri police last week. According to the complaint, the company has been doing business with Chinese supplier Triple H China Limited for the past 20 years. In May of this year, Refractory placed an order for 54,000 kg of white tabular alumina worth Rs 32,60,328.
As per the agreement, they were supposed to make a 30 per cent advance payment, the Chinese company shared their account details in an email communication,” read the complaint. However, the same day, Refractory Shapes Pvt Ltd received another email, this time from a different ID – firstname.lastname@example.org. They were asked to transfer the advance amount to another account with the Industrial and Commercial Bank of China. The company transferred Rs 9.82 lakh and shared the transaction details on the same email ID for confirmation. However, when it did not receive any response, the company contacted the general manager of Triple H China Limited, who told them that they had not received any payment. The company then realised that they had been cheated and lodged a complaint with the cybercrime police station.
Andheri Police suspect that someone within Triple H China Limited shared the private communication details with the fraudsters, who then created an almost identical email address to dupe the Indian company.
This is just one example of how companies can be cheated by fraudulent emails and fake websites. It is important to be vigilant when dealing with unknown entities online and to verify all information before making any payments.
Keep these tips in mind to prevent spoofing scams:
- First, check the email address of the sender before responding to any messages. If the address looks suspicious, it may be a spoofed email.
- Try to contact the main party using another platform such as WhatsApp, Skype, or a phone call. This will help you verify that the message is legitimate.
- Do not click on any links in an email unless you are absolutely sure they are safe. If you are unsure, hover over the link with your mouse to see where it will take you before clicking.
- It is a major red flag if you see misspellings, grammatical errors, or urgent requests.
- Educate your employees about how to spot these scams. By teaching your employees to be on the lookout for these red flags, you can help protect your business from costly attacks.