An electronics firm in Andheri is allegedly duped out of Rs 7 lakh in a cyber fraud using email spoofing. A first information report (FIR) was registered at the MIDC police station on May 7 based on the complaint of the company’s 51-year-old accountant.
According to the complaint, the company sources from another company, based in Gujarat. In February, he received an email allegedly from the Gujarat-based company asking him to send pending dues of Rs 7 lakh to a new account stating that there were issues with the old bank account.
The complainant said he responded to the email saying he wanted them to send a void check issued in the company’s name. The defendant allegedly forged a void check in the name of the Gujarat-based company and emailed the plaintiff a scanned copy. The complainant came to believe this was true and updated the bank account in February, according to the complaint.
On May 2, the plaintiff made the payment of Rs 7 lakh and a representative of his company called the Gujarat company to ask if the payment had been received. When the complainant’s company was informed that no payment had been received and that they had never sent emails to modify the bank account, the complainant realized that he had been cheated and contacted the police.
What is email spoofing?
Email spoofing is a technique used by cyber crooks who send emails with a fake sender address and trick the recipient into thinking that someone they know, such as their customer or their business partners, sent them an e-mail. This technique is used to hack your account, send malware, or trick you into sending money.
Preventive measures
1. Always call your customer when you notice a change in bank account number.
2. Make a mandatory phone call or text to verify email credentials before making money transactions.
3. Notify all employees about attacks such as email spoofing and man-in-the-middle attack so that they can properly check emails and also make a phone call before making a transaction on a new bank account.
4. Never put the email id on any website that you use for money transactions. Use a confidential email id for money transactions.
5. Install a good security system.
6. Do not click on URLs sent in emails by strangers who lure you with one offer or another.
