Aug 4 2014, 04:29 PM
QUOTE(hidelun @ Jul 3 2014, 09:19 PM)
Dear all,
I am IT Support in a SI company that maintain SME IT network/mail/server. Recently I have encounter two of my client (Comp A & B/Not related) their company client (From Italy and Holland) received email from them that asked the client to update/pay to another Bank account and this particular email also contain of their previous email conversation history and attachment of their valid company letterhead, chop and signature. Luckily both of my client's client call them to double confirm only found out it is a fraud/scam mail. The sender email address looks almost identical, i.e john@abc.com.my (valid) change to john@abc.com
I am sure that their system have been hacked however I just dunno how it happen or whether it hacked to the users pc, mail server (host outside) or maybe hacked in the company client mail system. They are protected with firewall appliance on their network and kaspersky antivirus. I have scan their pc with Kaspersky antivirus, Spybot, malwarebyte, hijackthis and found nothing. Other than this, I also changed the affected users mail password. Planing to call the mail hosting tomorrow to check with them any possibility it is hacked from their side. Of course, if it was hacked from my client's client, then it is out of my control dy.
I have googled and found out most of this case happen due to hacker penetrated to the supplier mail account.
http://qualityinspection.org/china-scam-email/
Any IT security sifu or users that have experience bout this. Appreciate and many thanks for your sharing.
yeah...the last steps you need to check is hosting company. you must provided that email contents also in order for them to check.I am IT Support in a SI company that maintain SME IT network/mail/server. Recently I have encounter two of my client (Comp A & B/Not related) their company client (From Italy and Holland) received email from them that asked the client to update/pay to another Bank account and this particular email also contain of their previous email conversation history and attachment of their valid company letterhead, chop and signature. Luckily both of my client's client call them to double confirm only found out it is a fraud/scam mail. The sender email address looks almost identical, i.e john@abc.com.my (valid) change to john@abc.com
I am sure that their system have been hacked however I just dunno how it happen or whether it hacked to the users pc, mail server (host outside) or maybe hacked in the company client mail system. They are protected with firewall appliance on their network and kaspersky antivirus. I have scan their pc with Kaspersky antivirus, Spybot, malwarebyte, hijackthis and found nothing. Other than this, I also changed the affected users mail password. Planing to call the mail hosting tomorrow to check with them any possibility it is hacked from their side. Of course, if it was hacked from my client's client, then it is out of my control dy.
I have googled and found out most of this case happen due to hacker penetrated to the supplier mail account.
http://qualityinspection.org/china-scam-email/
Any IT security sifu or users that have experience bout this. Appreciate and many thanks for your sharing.
my clients also face the same problem.
Quote
0.0138sec
0.74
6 queries
GZIP Disabled