Email is the number one security risk for accountants and a prime target for attackers. It is the easiest system to reach from outside a firm and it carries some of the most sensitive data the firm holds. With an automated mailing tool an attacker can send close to a thousand emails in a second, so it is no surprise that inboxes and junk folders fill with spam every day.
Most phishing is sent straight to your inbox by those automated mailing systems. To get around spam filters, however, attackers are increasingly using online forms to deliver their scams. A form submission arrives as a notification generated by your own website, so it is not subject to the sender-reputation checks applied to external mail, and it lands with whoever monitors the form. Most accounting firms have a contact us page on their website, which makes it easy for an attacker to submit a scam like the one below, which appeared in our inbox last month.
What The Scam Is Saying
The scammer sent a message via a Practice Protect contact form claiming that copyrighted images of hers were being used unlawfully on our website.
The scammer threatened to bring in a legal team unless we complied by taking the material down.
Included in the form was a link to the images they claimed were being used without permission, presented as proof of her ownership of the material.
Why It Caught Our Eye
This scam caught our eye because it was not a standard phishing email: it had been submitted through an online form.
The attacker visited the Practice Protect website, looked over its content, filled out a contact form, and made the scam almost believable by threatening to report copyrighted material they had supposedly found on the site.
The link in the form was a normal-looking URL that redirects to a Google Drive folder. The danger is not the link itself but what the folder holds: a downloaded 'proof' file can carry malware, including ransomware that takes control of the device and its data.
What They Did:
- Used a scare tactic – This is a common social engineering tactic. Nobody wants to be sued for using someone else's 'intellectual property.' A team member who opened this and was immediately alarmed by the threat of legal action could have fallen for the scheme.
- Used a familiar link – Scammers depend on people clicking links, either by accident or because the link did not look malicious. Hovering over the link in the notification email showed a normal-looking Google Drive link. A trusted domain such as drive.google.com says nothing about who uploaded the file; anyone can share a folder there, so the domain is not evidence of safety and the link still warrants a check.
- Used perfect grammar – Phishing is often spotted through obvious spelling and grammar mistakes, but this message had none. A less wary team member could be fooled by it precisely because it lacked the tell-tale hallmark of a poorly constructed email.
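The three features above (a legal threat, urgency, and 'proof' hosted on a file-sharing service, sometimes behind a redirector) can be checked mechanically before anyone clicks anything. The following is an added example written for this article, not code from Practice Protect or from any product it describes. It triages a contact-form submission offline: it extracts URLs, peels off common open-redirect wrappers by inspecting query parameters (no network request is made), flags links whose final host is a public file-sharing service, and scores the wording. The host list, redirect parameter names and phrase lists are assumptions chosen for illustration, and the two sample submissions are constructed, not the actual message received.

```python
import re
from urllib.parse import urlparse, parse_qs, unquote

# Hosts where anyone can upload and share content. A link to one of these proves
# nothing about the sender. Assumed list for this example, not a complete catalogue.
FILE_SHARING_HOSTS = {
    "drive.google.com", "docs.google.com", "dropbox.com", "www.dropbox.com",
    "wetransfer.com", "we.tl", "onedrive.live.com", "1drv.ms", "mega.nz",
}

# Query-string keys that open redirectors commonly use to carry the real destination
# (e.g. https://site.example/out?url=<target>). Assumed list for this example.
REDIRECT_KEYS = {"url", "redirect", "redirect_uri", "next", "u", "target", "dest", "goto"}

URL_RE = re.compile(r"https?://[^\s<>\"')\]]+", re.IGNORECASE)

# Wording that makes up the scare tactic. Constructed from the scam described above.
LEGAL_THREAT_RE = re.compile(
    r"\b(copyright\w*|intellectual property|infringement|legal action|legal team|"
    r"lawsuit|sue|suing|attorney|dmca|unlawful)\b", re.IGNORECASE)
URGENCY_RE = re.compile(
    r"\b(immediately|within \d+ hours|last warning|final notice|take (it |them )?down|"
    r"or else)\b", re.IGNORECASE)


def final_destination(url, depth=0):
    """Return the innermost URL visible in an open-redirect wrapper, found by
    decoding query parameters only. Never fetches anything."""
    if depth > 5:  # guard against a wrapper that points at itself
        return url
    parsed = urlparse(url)
    for key, values in parse_qs(parsed.query).items():
        if key.lower() in REDIRECT_KEYS:
            candidate = unquote(values[0])
            if candidate.lower().startswith(("http://", "https://")):
                return final_destination(candidate, depth + 1)
    return url


def triage_submission(text):
    """Score one contact-form message.

    Returns (is_suspicious, reasons, links) where links is a list of
    (url_as_written, final_destination) pairs. The verdict requires BOTH a threat
    or deadline AND a link to hosted or redirected content; either alone is weak."""
    reasons = []
    links = []
    hosted = False
    for raw in URL_RE.findall(text):
        raw = raw.rstrip(".,;")
        dest = final_destination(raw)
        host = (urlparse(dest).hostname or "").lower()
        links.append((raw, dest))
        if dest != raw:
            hosted = True
            reasons.append(f"link is a redirector: {raw} -> {dest}")
        if host in FILE_SHARING_HOSTS:
            hosted = True
            reasons.append(f"'proof' is hosted on a file-sharing service: {host}")
    threat = False
    if LEGAL_THREAT_RE.search(text):
        threat = True
        reasons.append("legal threat language")
    if URGENCY_RE.search(text):
        threat = True
        reasons.append("urgency / deadline language")
    return (threat and hosted), reasons, links


# Constructed samples for this example; not the real submission quoted in the article.
SCAM_SAMPLE = """Hello,
I am a professional illustrator and I found my copyrighted images on your website.
This is unlawful use of my intellectual property. Remove them within 24 hours or my
legal team will take action. Proof of ownership:
https://example.com/redirect?url=https%3A%2F%2Fdrive.google.com%2Fdrive%2Ffolders%2Fabc123
Regards"""

BENIGN_SAMPLE = """Hi, we are looking for a bookkeeper for our small bakery. Could you send pricing?
Our site is https://example-bakery.test/about if that helps."""

if __name__ == "__main__":
    for label, sample in (("scam", SCAM_SAMPLE), ("benign", BENIGN_SAMPLE)):
        flagged, reasons, links = triage_submission(sample)
        print(f"{label}: suspicious={flagged}")
        for r in reasons:
            print("  -", r)
```

The redirect unwrapping is deliberately static: resolving the link with a real HTTP request would itself be a click, from a machine you care about, so this script only reads what is already in the URL. A flagged submission is a reason to send the message to IT, as the team did here, not a verdict on its own.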
Knowing the dangers of unexpected messages and unknown links, our team investigated it first before responding in any way.
What Our Team Did:
- Did NOT click the link, and immediately sent it to our IT department for checking.
- Did NOT get scared by the threat, and instead checked with other members of the Marketing team that all licences for the website's assets were valid (and they were!).
- Did NOT reply to the message – some sophisticated email scams rely on a reply to confirm a live contact and draw out personal and sensitive information.
- Searched for the sender's email address and the wording of the message, and found articles describing the exact same scam on Google.
One of the first Google results was a Fake 'Experienced Illustrator' phishing scam alert from Sangfroid Web, reporting that two of their clients had received a similar copyright-infringement accusation. Both of those were also received through contact forms on the clients' websites.
Why It Matters
While this scam does not specifically target accountants or bookkeepers, it looks convincing at first glance. A Practice Manager or a Junior Accountant would not necessarily oversee the website's assets, and might be intimidated enough by the scare tactic to click the link or download the 'proof' of copyright infringement the scammer included.
Although phishing scams are usually easy to detect, a business can never entirely rule out human error or the continued evolution of cyber threats. Always ensure that your team members – and your clients – are proactive in keeping up to date with the latest scams.
Practice Protect holds monthly cyber security training for 1000+ accounting firms. Book a free consultation with us to learn how we can assess any security flaws your firm may have.