An impersonation attack involving The Investment Center is now heading to the courts
Imagine this scenario: you call your high-profile client on your way into the office to check in and see if they are ready to make the multimillion-dollar investment in a much-anticipated IPO. They tell you they wired it yesterday. But you never sent them instructions.
A similar real-life scenario ended with embarrassing headlines and a malpractice lawsuit against the impersonated company, whose clients were tricked into wiring nearly $2 million through a fake website. The suit was quickly settled, but the lesson was clear.
United Nations security experts said they worked together to take down a website operated by a cybercrime group. The domain had been used to impersonate The Investment Center's operations.
The scammers had created a distributed network of rogue websites impersonating the investmentcenter.co.uk site, luring users into making bogus investments.
Following its investigation, the Financial Conduct Authority (FCA) published a warning against the investmentcenter.com website, listing the fake phone numbers and email addresses the scammers used.
The company said that after notifying the authorities, it worked with “a wide network of regulators and service suppliers – domain name registrars, hosting providers, associations, and many others” to take down the fake website.
“After our blocking efforts, the scammers stopped using the investmentcenter.com fake website and only a few clients were scammed. We are happy that all clients received a full refund and the scammers will be facing legal action.”
What should you do if someone is impersonating your company?
James Hope, security awareness advocate: The Internet, as we know, was not designed for security. Unfortunately, that has left us with some issues. One major issue is the ability to spoof email addresses rather easily.
If your organization is experiencing issues where people are impersonating it when sending phishing emails, ensure your email services are set up to use Sender Policy Framework (SPF) records or DomainKeys Identified Mail (DKIM) and also to use Domain-based Message Authentication, Reporting & Conformance (DMARC). These authentication technologies are used to validate that emails come from servers that are authorized to send from your email domain. While this won’t stop the bad actors from trying, it will allow victim email systems to better identify and block these fake messages.
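As an added example, not code from the article or from the experts quoted in it: a small Python checker that reads SPF and DMARC TXT records and reports settings that leave a domain open to spoofing. The domain names and records below are constructed for illustration (a weak configuration beside a hardened one), not looked up from any real domain.

```python
# Constructed sample DNS TXT records for illustration (not real lookups of any domain).
SAMPLE_RECORDS = {
    "weak.example": {"spf": "v=spf1 +all", "dmarc": "v=DMARC1; p=none"},
    "hardened.example": {
        "spf": "v=spf1 mx include:_spf.mailprovider.example -all",
        "dmarc": "v=DMARC1; p=reject; rua=mailto:dmarc@hardened.example; adkim=s; aspf=s",
    },
    "missing.example": {"spf": None, "dmarc": None},
}

def parse_dmarc_tags(record):
    """Split a 'tag=value; tag=value' DMARC record into a dict keyed by lowercase tag."""
    tags = {}
    for part in record.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    return tags

def assess_spf(spf):
    """Return weaknesses found in an SPF record; an empty list means no findings."""
    if spf is None:
        return ["SPF: no record, so any host can claim to send for this domain"]
    terms = spf.split()
    if not terms or terms[0].lower() != "v=spf1":
        return ["SPF: record must start with v=spf1"]
    last = terms[-1].lower()  # the terminal 'all' mechanism decides the fate of unlisted senders
    if last in ("+all", "all"):
        return ["SPF: '+all' authorises every sender; end the record with -all"]
    if last == "~all":
        return ["SPF: '~all' only soft-fails forgeries; prefer -all"]
    if last != "-all" and not last.startswith("redirect="):
        return ["SPF: no terminal 'all' mechanism; append -all"]
    return []

def assess_dmarc(dmarc):
    """Return weaknesses found in a DMARC record; an empty list means no findings."""
    if dmarc is None:
        return ["DMARC: no record, so receivers have no policy to enforce"]
    tags = parse_dmarc_tags(dmarc)
    findings = []
    policy = tags.get("p", "").lower()
    if policy == "none":
        findings.append("DMARC: p=none only monitors; move to quarantine, then reject")
    elif policy not in ("quarantine", "reject"):
        findings.append("DMARC: missing or invalid p= tag")
    if "rua" not in tags:
        findings.append("DMARC: no rua= address, so you get no aggregate abuse reports")
    return findings
```

Run `assess_spf` and `assess_dmarc` over each entry of `SAMPLE_RECORDS` to see the weak and missing configurations flagged while the hardened one passes clean.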
Adam Riis, security awareness advocate: If your organization is being impersonated in a phishing campaign, it is important to reduce the risk of your employees and customers being scammed by communicating such potential attacks to them. Whether posted on the website, sent in emails, or sent in text messages, inform them about the potential threat that could be seen via a phishing scam and explain that the organization will never ask for passwords or other sensitive information via a link in an email. Another good practice is to teach people not to click on links in emails or text messages unless they are expecting the link. Advise them to use bookmarked websites or to get access through a search engine.
Also, be on the lookout for typosquatting or script spoofing, which is where the criminals purchase various domain names of the organization’s website with transposed letters or use homographic characters. These characters could be from another language, like Cyrillic or Hebrew, and may be difficult to spot in the URL. One solution is to purchase the domains that contain the transposed letters or common Cyrillic look-alikes and redirect them back to the organization’s main page.