Director Scam emails targeting SME’s are on the increase in the UK and becoming increasingly sophisticated.
Sometimes known as ‘Whaling’ emails, Director scam emails are a type of phishing scam – but targeting the bigger ‘phish’.
In this type of attack, cyber criminals impersonate a senior member of the victims own company to trick them into transferring money.
Financial Fraud Action UK warns that con men have started carefully targeting individuals by sending them emails which appear to be from their senior colleagues such as the finance director or chief executive.
Criminals use publicly available information – such as Facebook, Twitter and Companies House – to gain knowledge of target companies, such as the names of senior staff.
Software is then utilised which means that the email, including the sender's address, looks completely genuine at first glance. The fraudulent email appears in the recipient’s inbox in the same way as a regular email from the same contact.
The email requests that an urgent payment is made outside of normal procedures, often giving a pressing reason for needing the money, such as the need to secure an important contract.