Menu
Reply
  • 8
  • 0
  • 4
Jessie32
Tuning in
566 Views
Message 1 of 18
Flag for a moderator

Email interception

Hi, 

Recently I was in talks with a company via email about making payment to the second half of an outstanding services invoice. During the conversation about settling the invoice, I received an email that had the same email address, containing new bank details. I thought nothing of it, and sent payment to the new bank details which now turns out to be a scam. 

I believe the company were the ones who had their emails intercepted as the email address, email footer and contact names were all the same as official emails. Am I right? Is there a way to check if the emails were actually intercepted from my side?

Any help would be massively appreciated as I am now out several hundred pounds and the company are chasing for the payment they did not receive 😞 

Thanks! 

0 Kudos
Reply
  • 17.9K
  • 988
  • 7.51K
Very Insightful Person
Very Insightful Person
561 Views
Message 2 of 18
Flag for a moderator

Re: Email interception

It sounds as though you've been the victim of a Spear Phishing attack

Spear phishing is a more targeted form of phishing, they already know something about you, including the fact that you were in talks with another company.

I would contact Action Fraud and also your bank as a first step.

Tim

Edit - more information on Spear Phishing - https://www.comparitech.com/blog/information-security/spear-phishing/

As a Very Insightful Person, I'm here to share my knowledge. I don't work for Virgin Media.

Click to learn more about VIP

Use Kudos to say thanks

Mark as Helpful Answer if I've helped

0 Kudos
Reply
  • 17.9K
  • 988
  • 7.51K
Very Insightful Person
Very Insightful Person
551 Views
Message 3 of 18
Flag for a moderator

Re: Email interception

I should add - DON'T DELETE the email you received just yet.  But you do need to be aware that scammers are extremely good in crafting emails that look like the real thing.

Also note that the From: address can be spoofed - although there are technologies being introduced to make this harder, not everyone uses them, and they're not always foolproof.

Tim

As a Very Insightful Person, I'm here to share my knowledge. I don't work for Virgin Media.

Click to learn more about VIP

Use Kudos to say thanks

Mark as Helpful Answer if I've helped

0 Kudos
Reply
  • 8
  • 0
  • 4
Jessie32
Tuning in
534 Views
Message 4 of 18
Flag for a moderator

Re: Email interception

Hi, 

Thank you for coming back to me. So do think it was my emails that were intercepted, not the company I was in talks with?

How would they have found this information out?

I have contacted my bank and they are investigating whilst attempting to get my money back, but I am not hopeful. 

How can I protect myself from this, going forward?

Thanks! 

0 Kudos
Reply
  • 17.9K
  • 988
  • 7.51K
Very Insightful Person
Very Insightful Person
521 Views
Message 5 of 18
Flag for a moderator

Re: Email interception

Bear in mind I'm not a Virgin Media employee.

Rather than intercepting mails en route, you'll often find that either you or the company you're talking to may have had your email accounts compromised, or the scammers may have harvested data from other hacks.

Start by assuning that your email address has been hacked first of all.

Head to my.virginmedia.com and log in.  Go to my profile and change your password and also your security questions.
Once that's done go to webmail and go into settings and look for any filters that may have been added to redirect mail.  If their are any - make a note of the addresses they are being redirected to prior to deleting them.

Check all computers and mobiles for virus or malware infection as well.

I personally would love to see the email that was sent out, as there is information in the headers that will tell you whether it was really sent from the company you think sent it. - However I'm not going to ask for it, as noted I'm not a VM employee.

I personally have had a phishing mail from a compromised nhs.net account on one occasion, so I wouldn't completely rule out the hack happening at the other end either.

You mentioned you were on a call to the company at the time.  Did you call them - or did they call you?  I suspect it was the latter.

Tim

As a Very Insightful Person, I'm here to share my knowledge. I don't work for Virgin Media.

Click to learn more about VIP

Use Kudos to say thanks

Mark as Helpful Answer if I've helped

0 Kudos
Reply
  • 3.84K
  • 409
  • 1.38K
Very Insightful Person
Very Insightful Person
487 Views
Message 6 of 18
Flag for a moderator

Re: Email interception

As soon as you have time do make a detailed note of what happened and subsequent actions whilst they are fresh in your mind.

In terms of preserving evidence consider:

  • saving emails to file; in webmail select the emails, then (not the one located top right) and then Save as file
  • take screenshots of any unexpected filter rules you find in webmail
  • 8
  • 0
  • 4
Jessie32
Tuning in
470 Views
Message 7 of 18
Flag for a moderator

Re: Email interception

That's fine, I am just so grateful for any help. 

I changed my password last week, when I realised what had happened. I have just look in Email > Filter Rules and nothing has been set up, so my emails dont seem to be redirecting anywhere. 

In terms of the email, the subject header was 'vital mail' and the email address the exact same as the one being used by the company which is why I didn't query it, although the subject should have been a bit of a giveaway - I feel so stupid for not spotting it! 

Sorry no, I was talking to them via email. They sent me the invoice, then replied again a few minutes later to say they had changed their bank details. 

I think I am just keen to know whether it was my side or the company's so I know how to deal with this moving forward. 

Again, thank you for your help it is much appreciated! 

 

0 Kudos
Reply
  • 8
  • 0
  • 4
Jessie32
Tuning in
468 Views
Message 8 of 18
Flag for a moderator

Re: Email interception

Thank you, that is a great idea and I have now taken screenshots to document everything! 

0 Kudos
Reply
Highlighted
  • 17.9K
  • 988
  • 7.51K
Very Insightful Person
Very Insightful Person
379 Views
Message 9 of 18
Flag for a moderator

Re: Email interception


@Jessie32 wrote:

Sorry no, I was talking to them via email. They sent me the invoice, then replied again a few minutes later to say they had changed their bank details. 

 


It's possible they were able to see the mail coming into your account then, due to the timing of the second mail, I rather doubt it's coincidence.

@ModTeam - Why has no one replied to this mail?  You have someone who's clearly been scammed and you should be doing everything you can to help this user.

@Jessie32 - While it's easy to look back, and say I should have realised, that is the benefit of hindsight, it has 20/20 vision.  Personally I would always be wary of dealing with a company entirely via email anyway.  You should always have a phone contact for that company so that you can call them and verify account details with them directly, especially when you get a mail telling you of a change of account details.

Tim

As a Very Insightful Person, I'm here to share my knowledge. I don't work for Virgin Media.

Click to learn more about VIP

Use Kudos to say thanks

Mark as Helpful Answer if I've helped

  • 1.29K
  • 131
  • 694
MissPasko
Knows their stuff
371 Views
Message 10 of 18
Flag for a moderator

Re: Email interception


@ravenstar68 wrote:


@Jessie32 - While it's easy to look back, and say I should have realised, that is the benefit of hindsight, it has 20/20 vision.  Personally I would always be wary of dealing with a company entirely via email anyway.  You should always have a phone contact for that company so that you can call them and verify account details with them directly, especially when you get a mail telling you of a change of account details.

Tim


Totally agree.  This is the world we live in now - keep spreading the word Jessie32 and Tim.  I have an employee on maternity leave.  She wrote in by email to change her bank account details - I made a telephone call before I did it as I know her voice!


~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~

If you want to say thanks > click 'Kudos'.
Have we solved your issue? > click 'Mark as Helpful Answer'