I got a call from a customer today, and they said they got an email about a wire transfer from one of the employees. Now, this was not unusual because they get wire transfer requests all the time from this employee, but something seemed a little off.
After thinking about it a little more, they sent a text to the employee and asked if they really wanted this transfer to happen. The employee responded and said they didn't know what they were talking about.
The tricky part about all of this is that it was from the employee's email address... or so it appeared.
As an IT professional, I can easily send an email and make it look like it is coming from any address, but if the end user has a somewhat up-to-date spam filter, it will recognize that the email didn't come from the server that should be sending out emails for that domain and block it. So how did they do this?
What the sender did was buy a domain that was VERY close to the company's domain, trading out an L for an i. Written with an uppercase i (I), it looked like the domain of the company. For example, if the real email address was bob@example.com, they registered the new domain exampie.com, and with an uppercase i it looks like bob@exampIe.com. Unless you really pay attention, you would think it is legit.
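One way a mail filter or review script can catch this trick, as an added example rather than code from the original post: it compares the From domain against a list of trusted domains after folding look-alike characters (I/l/1, O/0), and also flags domains one edit away, which goes beyond the single-letter swap described above. The `TRUSTED_DOMAINS` list and the function names are assumptions for illustration.

```python
from email.utils import parseaddr

# Constructed allowlist; replace with your own and your partners' domains.
TRUSTED_DOMAINS = {"example.com"}

# After lowercasing, fold characters that look alike in many fonts
# (I/l/1 and O/0) into one representative character.
CONFUSABLE = str.maketrans({"i": "l", "1": "l", "0": "o"})


def skeleton(domain: str) -> str:
    """Reduce a domain to a form in which look-alike characters compare equal."""
    return domain.lower().translate(CONFUSABLE)


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance using row-by-row dynamic programming."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify_sender(from_header: str) -> str:
    """Return 'trusted', 'lookalike:<trusted domain>' or 'unknown'."""
    _, addr = parseaddr(from_header)
    if "@" not in addr:
        return "unknown"
    domain = addr.rsplit("@", 1)[1].lower()
    if domain in TRUSTED_DOMAINS:
        return "trusted"
    for trusted in TRUSTED_DOMAINS:
        # Same skeleton: differs only by look-alike characters.
        # Distance 1: one character added, dropped or changed.
        if skeleton(domain) == skeleton(trusted) or edit_distance(domain, trusted) == 1:
            return f"lookalike:{trusted}"
    return "unknown"
```

A message classified as a lookalike can still pass a check that only asks whether the sending server is allowed to send for the From domain, because the lookalike domain belongs to the sender; that is why the comparison against known-good domains is done separately.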
I have already written that all emails are guilty until proven innocent, but this is another prime example of that. Stay alert and watch out for little tricks like these, and if something doesn't feel quite right, give us a call and we will check it out!