Do you need to worry about ‘Colleague Impersonation’?
Are your staff in the habit of engaging in horseplay around the premises, mimicking each other’s voices and mannerisms? Whilst this may be an issue for HR, it’s not the topic that we’re focussing on here. Colleague Impersonation within the IT world is the practice of sending emails impersonating members of a business and the practice can have serious ramifications.
So, do you think you’d be able to spot a fraudulent email impersonating one of your colleagues?
It’s fair to say that most of us are becoming increasingly wise at spotting emails that are pretending to be something they’re not. Something about the nuance of the language used may seem off. Or the subject line may seem a little woolly. And we’re better at stopping before we immediately open a link within an email. But as we become wiser so too are the fraudsters.
We recently heard from a beady-eyed Finance Director who’d received an email from his Managing Director asking him to pay an invoice for £9k. He began to question the validity of the email because the tone of voice wasn’t quite right. On closer inspection of the email he noticed that the sender address was ever so slightly different than his MD’s and here’s how…
For the purposes of anonymity let’s call the MD Bob. Bob’s email address is ‘firstname.lastname@example.org’. The fraudulent email came from ‘email@example.com’… This is an example of social engineering – the unscrupulous scammers understand how our eyes deceive us and that we’re generally too busy to really examine everything about an email.
Fortunately, on this occasion, the attempt at Colleague Impersonation wasn’t successful, but it so easily could have been. And there are many occasions when the fraudsters win!
Yes, we can all commit to being more observant, and we can educate our staff to do the same. But is this enough? When we’re up to our eyes in work, will we fall victim to a cunningly sent, fraudulent email?
So, how can we protect ourselves without meticulous examination of every single email we receive?
Help is at hand from software that can be used to spot anomalies within emails and send warning alerts, so preventing costly mistakes before they occur. Microsoft 365 Enhanced Security will do just that. Red warning alert bars are added to emails that have anomalous addresses, differentiating the email from all the other non-fraudulent mails in the crowded mailbox. Flagged emails can then be checked before any action is taken, ensuring that the intended Colleague Impersonation is unsuccessful.
Find out more about Colleague Impersonation and how Net Primates can help you from becoming a victim. CALL 02381 800 800 or visit www.netprimates.com/contact