Larry Sabo
Well-Known Member
- Reaction score
- 3,223
- Location
- Ottawa, Canada
I have a customer who is the victim of mail fraud and I've tried searching for a thread we had a while back about the same issue but can't seem to find it. My customer provides engineering services and one of their customers received a bogus e-mail, purportedly from this engineer, asking the customer who he should be dealing with on changes to their (the engineering company's) payment processes and accounts. The customer asked for account details and the fraudster, masquerading as the engineer, provided bogus account details. They don't even deal with the bank whose account details were provided by the fraudster.
My recollection is there is an Outlook account setting where the fraudster insinuates his e-mail address so he receives a copy of all mail, and the fraudster uses copies of the mail to familiarize himself with the business, which makes it easier to impersonate the customer and request account changes for payment for services.
GoDaddy hosts their domain and provides mail services. I've referred them to GoDaddy for assistance in tracking down the breach, as I'm out of my depth on this. Any suggestions on where to go next in making this customer sane? They have changed their mail password but the thread I mentioned indicated that there was no way to rectify the breach.
Can anyone recall the thread in question?
My recollection is there is an Outlook account setting where the fraudster insinuates his e-mail address so he receives a copy of all mail, and the fraudster uses copies of the mail to familiarize himself with the business, which makes it easier to impersonate the customer and request account changes for payment for services.
GoDaddy hosts their domain and provides mail services. I've referred them to GoDaddy for assistance in tracking down the breach, as I'm out of my depth on this. Any suggestions on where to go next in making this customer sane? They have changed their mail password but the thread I mentioned indicated that there was no way to rectify the breach.
Can anyone recall the thread in question?