Phishing Attack Investigation Service in Hong Kong
Phishing Attack Investigation
Digitpol's Cyber and Fraud Team are certified examiners and can assist to all cases related to Phishing attacks, email scams and fraud. Digitpol has seen a rapid rise of phishing attacks and email scams between a manufacture and a supplier when either is based in an offshore region or Asia, the targeted reason for this is due to the fraudsters ease of opening or using bank accounts in offshore regions and in Asia. Digitpol can deploy forensic examiners to investigate the hack, determine how it took place and report the findings, Digitpol ensures that hackers are not active in your network and ensure your user accounts policies and rules are configured correctly to prevent further attacks.
If your company has been targeted by a phishing attack such as Internet Fraud, CEO Fraud or Email Fraud and Scams and funds have been transferred to a bank account, we can help you, but only if you act fast and if you have the proof. If Digitpol is notified in time, Digitpol will assist to stop the funds from been transferred further and assist with all matters such as reporting the crime to the local Police in the region the funds have been transferred to.
The Common Trends:
Sale contract scam: fraudsters know from stolen emails about transactions between company A (the seller) and company B (the buyer). The fraudsters, pretending to be company A, send fictitious emails to company B, claiming that company A’s bank account has changed and requesting transfer of funds to the new bank account which is usually in the same region as the client, vendor or supplier.
CEO scam: pretending to be senior management officers of victim companies, fraudsters send fictitious emails to staff in the finance department, seeking the transfer of funds to overseas business partners or to make business investments on an urgent basis. The finance department staff are requested to transfer funds to a bank account.
The misspelt domain name.
This is where the cyber attacker will own the misspelt domain name, which closely resembles the victim or clients domain, but is usually off by one character.
From: "CEO Name" <email@example.com>
In this case, anti-spoofing will not identify these messages. Instead, regular expressions can be applied to the From: line in order to identify the misspellings. Below are two regular expressions for a domain called example.com. These expressions are useful not just for these scams, but phishing in general. For efficiency, the regexes assume the first character is never changed, which is a fairly safe assumption because otherwise the domain would not look similar enough. Simply copy the pattern and apply to your own domain(s).
Character Substitution Regex
This expression identifies a domain where one of the letters in the domain has been replaced. It works by checking each letter for substitution (for instance [^m] means "any letter but m").
Are you effected by a Phishing Attack?
If a phishing attack happens to you, you need to respond quickly. Phishing attacks and email fraud can lead to major disruption and financial disasters.
If you encounter or believe that you have been the victim of online or internet fraud (i.e. phishing, fraudulent text messages etc.), please send an email to firstname.lastname@example.org Be sure to attach any supporting documentation such as copies of suspicious emails, text messages and questionable links/URLs.
Digitpol is available 24/7.
Phone: +31558448040 / +85239733884