THE STORY OF A HAUNTED COMPUTER, or Why protecting your inbox from phishing emails is paramount important.
# stay protected against malware
As Halloween came to pass, it’s not just ghosts and witches that you need to watch out for. Cyber criminals are on the hunt for naive victims.
In today’s AI world, the line between trick and treat can be razor thin.
The story of a haunted computer.
Let me tell you a scary story that happened in September 2023 in Shanghai, to a real person working in a fashion retail company. They’d heard about us from a client of ours and reached for help. Apparently, the finance department’s computer was “haunted”.
This is the story:
Jessie (name changed), who works in the finance department was also in charge of collecting vendor invoices and submitting them to her boss for payment. Some suppliers were in China, others in Vietnam, Malaysia, etc. Her boss most of the time is on the road, attending fairs and developing new clients.
A vendor contacted Jessie to follow up on a payment, and her boss replied that the payment had already been made as per earlier Jessie email request. And everything would’ve been fine except she didn’t recall sending such an email to her boss. The payment was made to a bank account with the vendor’s correct name, but the bank account number wasn’t. And this was not the only wrong vendor payment… Their world turned upside down. Money lost, tempers rising, people resigned.
Their in-house IT engineer did find the emails regarding the unfortunate payments in the Sent folder, which indeed raised a few brows. He installed a local brand anti-virus software but scanning Jessie’s computer no malware have been found.
They’ve got a mystery case on their hands, look like the computer was “haunted”, and was sending e-mails to Jessie boss without her knowledge.
So, how do computers get haunted, really?
Well, we are not ghostbusters, but IT we know well.
Using specialized tools, we confirmed Jessie’s computer had been infected. The cybercriminals were monitoring her computer as well as email correspondence via RSS feeds technique and also sending emails on Jessie behalf, mainly after-work hours. Moreover, we found many of finance folders being infected with Blackbit malware, with all its data encrypted. Jessie did not even realize those folders were locked until we checked.
As trend in China for invoices (aka fapiao’s) is forward e-fapiao, Jessie used her business email to register on diverse platforms for receiving reimbursement and vendors fapiao’s. But, because she was unfamiliar with the warning signs of phishing emails, she unknowingly opened attachments in form of e-fapiao on an email that masqueraded to be an invoice from a vendor.
From there it was simple as 1-2-3: clicked on a link, filled in some information and voila infected computer. At the time, her computer had a free anti-virus software protection software that did not do its job. She also used a weak password for her email, and also used the same password on multiple other systems.
Welcome to the world of phishing emails!
Phishing emails are deceptive messages, posing as legitimate entities to trick you in revealing your personal information such as password, credit card details or social security numbers. Much like spider weaves an intricate web to ensure its prey, cybercriminal craft elaborate narratives within phishing emails.
This unfortunate event that caused a massive loss of money, was because of Jessie’s lack of knowledge when it came to recognizing and dealing with phishing emails.
This real scenario simply underscored the vital importance of proper education, skills, and training in dealing with phishing emails. Jessie’s experience was a harsh reminder of the risks associated with phishing emails, especially when one lacks the knowledge and training to identify and protect against them.
Remember: your computer is your digital house, and you choose that nothing disrupts your digital peace.
For more information about phishing emails, contact InnTech IT Solutions team and we’ll tell you what acts as your trusted ghostbusters and amulets. Stay informed, protected, and strong always.
InnTech IT Solutions China – your amulet against cyberscams.
InnTech IT Solutions help expats and multi-national Companies solve diverse and unique IT issues they face while living or doing business in China.
Cybersecurity is one of our expertise and priorities, and we are here to provide the guidance and IT systems enhancements needed to keep you safe in the digital world.
InnTech IT Solutions helps businesses in taking proactive steps equipping individuals and organizations with the knowledge, skills, and tools to defend against cyberthreats.
We are also pleased to announce our new comprehensive Training on Personal Security Awareness & Phishing protection.
If you or your organization is interested in learning more about phishing protection, or have any IT issue, do not hesitate to reach us.
meanwhile, do follow us on wechat /linkedin to stay tuned for more magical insights into the world of digital sorcery.
to learn more about InnTech, click here
search for more
-
Devere engages InnTech to set up the Shanghai office IT infrastructureNovember 8, 2020/0 Comments
-
InnTech, an amazing Cybersecurity Company in ChinaOctober 9, 2024/
-
What is the new cloud-broadband internet service from China Telecom?December 21, 2023/