Beware of Email and SMS Compromise Scams

This week sees the gradual return to the office with the easing of restrictions and while many companies will adopt fully remote or hybrid working, many more look forward to having their teams back in the office. Cybercriminals tend to take advantage of any situational changes and we are already seeing an uplift in scams.

As we become more cyber-aware, the cyber-criminals are becoming more innovative, and one area of particular concern is the reported incidents of criminals infiltrating legitimate email addresses and email threads, and inserting fraudulent messages into existing SMS conversations. A text can land in a genuine thread without the bank's systems being touched at all: phones group messages by the displayed sender name, and that alphanumeric sender ID can be spoofed, so the thread a message sits in is no evidence of who sent it. The latter I witnessed only last week when my wife received a text message purporting to be from her bank to warn her that they had noted suspicious activity in her account. The message was in a thread of legitimate messages she'd received over time from her bank, but thankfully she had the security awareness to pause and not immediately take the action demanded in the message. In this case, the poor grammar and use of American English by the Irish bank threw up a red flag, but it would have been very easy to have been caught out by this.

Salary Mandate Fraud

A similar type of fraud, whereby scammers infiltrate a legitimate email address or thread, has been around for a couple of years but appears to be on the rise. Often referred to as Salary Mandate Fraud, it targets individuals in your company's HR, payroll or finance department: the attacker, posing as an employee, asks for that employee's bank details to be updated, with the aim of diverting the next salary payment into a mule account under the criminal's control.

People do change bank accounts from time to time, but given the number of recurring payments and direct debits tied to any given account it is not a common event, so treat any request of this nature that arrives by email or text message as suspicious until it has been verified with the employee through direct contact, using contact details already on file rather than any supplied in the request.

Below is a mock-up of a typical fraudulent email, courtesy of Bank of Ireland:

[Image: mock-up of a Salary Mandate Fraud email]

What should you do?

  • Finance departments should always verify a change of details with a phone call using an existing number on file, or by other verified means outside the email or SMS thread. Never ring a number supplied in the request itself. Good process beats the scammers, every time.
  • Implement a robust internal escalation process so that only those with sufficient authority make final decisions. At least two distinct parties should verify every payment change before it is processed, and neither should be the person who raised the request.
  • Create a culture of cyber awareness in your organisation and ensure your employees are trained to recognise fraud and cyber-attacks.
  • Encourage your personnel to be sceptical; spelling and grammar mistakes are often a red flag, although a well-written message is not proof that it is genuine.
  • Check your bank statements carefully and report suspicious activity to your bank immediately.
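The first two points above are easy to state and easy to bypass in practice: the clerk rings the "new mobile number" helpfully included in the email, or the same manager both verifies and approves. The following is an added example, not code from the original post, showing how a payroll change-control gate can encode those two controls so that the bypasses are refused rather than relying on memory. All employee names, phone numbers, IBANs, request IDs and staff usernames are constructed sample data; the `EmployeeRecord` and `BankChangeRequest` types are assumptions for illustration, not any real payroll system's API.

```python
"""Dual-control gate for payroll bank-detail changes (added example).

Encodes two controls: out-of-band verification against a contact HR
already holds, and two distinct approvers who are not the requester.
All data below is constructed for illustration.
"""
from dataclasses import dataclass, field
from typing import List, Optional


@dataclass(frozen=True)
class EmployeeRecord:
    """What HR held BEFORE the request arrived; this is the only trusted contact source."""
    employee_id: str
    name: str
    phone_on_file: str
    iban_on_file: str


@dataclass
class BankChangeRequest:
    request_id: str
    employee_id: str
    new_iban: str
    channel: str                            # "email", "sms" or "hr_portal"
    received_from: str                      # address or number the request came from
    callback_number: Optional[str] = None   # number the message asks us to ring (untrusted)
    verified_via: Optional[str] = None      # number actually dialled for verification
    verified_by: Optional[str] = None       # staff member who made the call
    approvers: List[str] = field(default_factory=list)


def _normalise(number: str) -> str:
    """Compare phone numbers on digits only so formatting differences do not matter."""
    return "".join(ch for ch in number if ch.isdigit())


def record_verification(req: BankChangeRequest, employee: EmployeeRecord,
                        dialled_number: str, verifier: str) -> None:
    """Record an out-of-band call; refuses any number that is not the one on file."""
    if _normalise(dialled_number) != _normalise(employee.phone_on_file):
        raise ValueError(f"{req.request_id}: {dialled_number} is not the number on file; "
                         "never use a contact supplied in the request itself")
    req.verified_via = dialled_number
    req.verified_by = verifier


def approve(req: BankChangeRequest, approver: str) -> None:
    """Add an approver; nobody approves twice, and the requester cannot approve their own change."""
    if approver in req.approvers:
        raise ValueError(f"{approver} has already approved {req.request_id}")
    if approver == req.received_from:
        raise ValueError("requester cannot approve their own change")
    req.approvers.append(approver)


def blocking_reasons(req: BankChangeRequest, employee: EmployeeRecord) -> List[str]:
    """Return why the change must NOT be processed yet; an empty list means it may proceed."""
    reasons = []
    if req.employee_id != employee.employee_id:
        reasons.append("request does not match the employee record")
    if req.new_iban == employee.iban_on_file:
        reasons.append("new IBAN is identical to the IBAN on file")
    if req.verified_via is None:
        reasons.append(f"no out-of-band verification recorded (request arrived via {req.channel})")
    elif _normalise(req.verified_via) != _normalise(employee.phone_on_file):
        reasons.append("verification used a number that is not on file")
    if len(set(req.approvers)) < 2:
        reasons.append("fewer than two distinct approvers")
    return reasons


# Constructed sample record, as HR would hold it from onboarding.
EMPLOYEE = EmployeeRecord("E1042", "Aoife Byrne", "+353 1 234 5678", "IE29AIBK93115212345678")


def fraudulent_scenario() -> List[str]:
    """Email 'from' the employee asks payroll to confirm on a new mobile; the clerk tries to."""
    req = BankChangeRequest(request_id="REQ-001", employee_id="E1042",
                            new_iban="IE64IRCE92050112345678", channel="email",
                            received_from="aoife.byrne@example-corp.com",
                            callback_number="+353 87 000 0000")
    try:
        record_verification(req, EMPLOYEE, req.callback_number, "payroll.clerk")
    except ValueError:
        pass  # gate refused the attacker-supplied number; nothing was verified
    return blocking_reasons(req, EMPLOYEE)


def legitimate_scenario() -> List[str]:
    """Same request, but verified on the number HR holds and approved by two distinct people."""
    req = BankChangeRequest(request_id="REQ-002", employee_id="E1042",
                            new_iban="IE64IRCE92050112345678", channel="email",
                            received_from="aoife.byrne@example-corp.com")
    record_verification(req, EMPLOYEE, "+353 (1) 234-5678", "payroll.clerk")
    approve(req, "payroll.manager")
    approve(req, "finance.lead")
    return blocking_reasons(req, EMPLOYEE)


if __name__ == "__main__":
    print("fraudulent:", fraudulent_scenario())
    print("legitimate:", legitimate_scenario())
```

The important design choice is that `record_verification` takes the employee record, not the request, as the source of truth for the callback number: an attacker who controls the email thread also controls every phone number in it, so the only contact worth ringing is one captured before the request existed. A real mailbox compromise defeats every header or spelling check, which is why the gate does not look at the message content at all.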


What we can do to help

We can assist you in building a culture of cyber awareness at your organisation. We are currently offering a free Human Risk report and a free 14-day trial of our Human Risk Management service, which includes cyber awareness training, simulated phishing campaigns and email breach analysis. To learn more, please visit our website or just email us and we'll get right back to you.