Dear colleagues, partners, and friends,
Recently, some of our contacts have received e-mails from sources that pretended to be Biogents staff or management. This specific version of attempted e-mail fraud, using forged sender addresses, is called spoofing.
The messages usually talk about an urgent issue that needs to be solved quickly and with your help. The aim is of course that you transfer money to help solve that issue.
How do they know our names and e-mail addresses?
There is no indication that the fraudsters have hacked into our e-mail server. From the messages we have seen and analysed, it rather seems that they have searched our webpage for staff names and positions, as well as for connections or links to our partners or distributors. Their web presences are then searched as well to find possible points of contact.
What can you do?
So far, we have not heard that the fraudsters have been successful, thanks to the vigilance of our contacts. When they received such a message, they became suspicious, checked back, forwarded the message and we were able to quickly clear this up.
How can one tell a message is probably a spoof e-mail?
First, the initial message is either very general, but really stresses the urgency, or comes up with a story where you can help us save a lot of money. It is also often a bit pushy. And if you answer, it will become even more demanding to build up time pressure.
Also, the signature on the bottom of the message is usually not in the same style or with the same content as the one that we use.
Another common denominator is that actual sender’s name and origin of the message are masked, meaning that the “From” or “Sender” field in the header contains the name and e-mail address of a person at Biogents.
To receive your answers, the fraudsters usually enter their own address into a field called “Reply to”. This field is invisible when only the short version of the header list is displayed, which is the usual setting in most e-mail programs. Only when you click “Reply” to write an answer, the reply-to address will be displayed.
Another way to get this and much more information on where message really came from will be shown if you look at all the headers – how this is done depends on the e-mail program you use – see below how this is done in Outlook and Thunderbird.
Links to more information
- Wikipedia on e-mail spoofing: https://en.wikipedia.org/wiki/Email_spoofing
- Wikipedia on e-mail frauds in general: https://en.wikipedia.org/wiki/Email_fraud
- View message headers in Outlook: https://support.office.com/en-us/article/view-internet-message-headers-in-outlook-cd039382-dc6e-4264-ac74-c048563d212c
- View message headers in Mozilla Thunderbird: https://www.lifewire.com/view-full-message-headers-thunderbird-1173106