By now you’ve probably already heard about the phishing attacks that are targeting the automotive industry; these attackers are focusing on the automotive industry because of the frequency of wire transfers. These attacks are getting better and better by the day. Attackers are researching your dealership: they know who you are, they know your schedule, they know all the key players in your store, and they make their attacks look like they’re coming from you.
To help prevent these attacks, you need to know how they are carried out.
– They start by picking out a store at random; however, it appears that single (non-group) stores are their primary targets due to the smaller size of the accounting department.
– From there they research your store and find out who the controller and dealer principal are; this usually comes from your website or LinkedIn, but a simple phone call can figure it out too. They will even call to figure out your schedule.
– Then they register a domain (web address) very similar to that of your store. If your store’s domain address is abcmotors.ca they may register abcmotors.co, or abcmottors.ca; note the .co instead of .ca and the extra “t”, both easy to miss at a quick glance.
– Finally they send an email to the controller that appears to come from you, usually when you’re away; since they know your email address, say email@example.com, they will use firstname.lastname@example.org (the fake domain). The English is decent enough not to set off any alarms, and the request will be straightforward, simple and direct.
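The lookalike-domain step above can also be checked mechanically before a wire request is acted on. The following is an added example, not part of the original article: the function names, the edit-distance threshold of 2 and the sample senders are assumptions, and it assumes single-label endings such as .ca or .co.

```python
# Added example: flag sender domains that imitate the store's real domain.
LEGIT_DOMAIN = "abcmotors.ca"  # the store domain used in the article


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance (insert, delete, substitute), computed row by row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                 # delete ca
                           cur[j - 1] + 1,              # insert cb
                           prev[j - 1] + (ca != cb)))   # substitute
        prev = cur
    return prev[-1]


def split_domain(domain: str) -> tuple[str, str]:
    """Return (name, ending) from the last two labels: 'abcmotors.ca' -> ('abcmotors', 'ca')."""
    labels = domain.lower().strip(" <>.").split(".")
    return (labels[-2] if len(labels) > 1 else "", labels[-1])


def classify_sender(address: str, legit: str = LEGIT_DOMAIN, max_dist: int = 2) -> str:
    """Classify a From: address as 'internal', 'lookalike' or 'external'."""
    name, ending = split_domain(address.rsplit("@", 1)[-1])
    legit_name, legit_ending = split_domain(legit)
    if (name, ending) == (legit_name, legit_ending):
        return "internal"
    # Same name on another ending (.co for .ca), or a near-miss spelling (extra "t").
    if name == legit_name or edit_distance(name, legit_name) <= max_dist:
        return "lookalike"
    return "external"


# Constructed sample senders; the mailbox names are made up for illustration.
SAMPLES = [
    "controller@abcmotors.ca",
    "owner@abcmotors.co",
    "owner@abcmottors.ca",
    "sales@parts-supplier.example",
]

if __name__ == "__main__":
    for sender in SAMPLES:
        print(f"{sender:32} {classify_sender(sender)}")
```

A "lookalike" result is a reason to hold the request and verify it by phone, not a replacement for that verification.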
So how do you prevent these attacks?
– As with most things the best solution is usually the simplest; require a quick phone call verification for every wire transfer. It might seem like a nuisance, but if it saves your store tens of thousands of dollars it is worth it.
– Another simple solution is to have a password with every wire transfer; it doesn’t have to be anything complex or secure, you just want a simple verification for the transfer. When your controller receives a wire transfer request they will ask for the password, and attackers won’t know it.
– Finally, you could have a request form that needs to be filled out; one that is easily accessible internally and shouldn’t be sent out over email.
Separate from something you put into place and manage, A&R Solutions now sells Barracuda Essentials for Office 365; this not only provides you with email archiving, it also adds another, very powerful, layer of security onto your email. Barracuda Essentials for Office 365 can not only help protect you against email-based viruses and ransomware; it also adds protection from phishing attacks like this.