"Xiao Fan, pay 4.7 million to the account of the business company, pay it now, ...... in a hurry"
Received the transfer instruction from the superior
You are executed immediately
Or double-check
The financial staff is responsible for the financial responsibility of the company
Once scammed
! The losses are huge!
The same thing happened recently
The company's financial staff
Someone pretended to be a leader and defrauded
The editor has sorted out the case for you
What happened to the case
Case 1: The accountant was deceived by the company's "CEO......
May 8, 2024
Fan, the financial manager of a city** company
Being impersonated by others as the owner of his company
By setting up a work group chat
And imitate the tone of the boss
On the grounds that the company's turnover needs remittance
Defrauded the victim of 4,700,000 yuan in the company's account
Case 2: How many scammers do you think there are in the group?
May 28, 2024
Li, the financial officer of a city ** company, reported the case
Being impersonated by someone else in the form of the boss of the company
Fraud of RMB 700,000
According to the victim Li, he reflected
The suspect set up a QQ group
Change the group name to the company name
Nicknames of 2 users in the group
They are the owners of their companies
and the nickname of a colleague
The "colleague" pulled the victim Li into the group
The victim mistakenly believed that the group was the financial group of his company
The "boss" asks in the group
The victim, Li, transferred 700,000 yuan to the designated account
After the victim, Li, transferred the money and verified with his boss
Discover being scammed
So immediately called the police
Analysis of the main scam schemes
Step 1: Target Search
Fraudsters collect a large number of personal information such as emails and mobile phone numbers of company financial personnel through enterprise information disclosure platforms and talent recruitment websites; infiltrate financial personnel WeChat, QQ, DingTalk and other groups by disguising their identities.
The second link: Trojan horses
Fraudsters send or drop emails, links, files and other Trojans (mostly with exe as the suffix) in the name of electronic invoices, tax policies, etc., and when downloaded or clicked, the computer is silently installed with remote control software.
The third link: remote monitoring
Fraudsters remotely control the corporate computer to monitor the WeChat and QQ chat records of financial personnel, analyze the company's situation, the identity of the boss, the company's financial system and loopholes, and master the boss's WeChat nickname, avatar, and language habits, so as to prepare for the next step of "impersonating the boss".
Session 4: Impersonate the boss
Fraudsters take the opportunity to remotely delete the "real boss" in chat software such as WeChat, QQ, WeChat, and DingTalk of financial personnel, and replace it with "impersonated boss" (the avatar and nickname are the same as the real boss).
Step 5: Committing fraud
The "impersonating boss" asks the financial staff to prepare the money, pulls them into a "small group" (the group is other fake employees or customers), and directs the financial staff to transfer money to unfamiliar bank accounts.
Keeping in mind the five "precautions"
1. Please avoid announcing and using the email address of financial personnel in external channels, and at the same time, the financial email account should avoid specific information such as personal contact information.
2. Employees of enterprises, especially financial personnel, do not click, download, or forward unfamiliar links or suspicious files in the process of office work, and strictly prevent Trojan virus infection. After work, computers and other equipment should be turned off in time to avoid being remotely controlled and attacked by hackers when unattended.
3. Enterprises should pay attention to network information security, avoid computers receiving remote operation and maintenance, maintenance and other services, install mainstream anti-virus protection software on the computers of financial personnel, and immediately update and comprehensively check and kill viruses and change computer passwords.
Fourth, in the transfer process, enterprises should increase the verification links such as the mobile phone verification code of the person in charge of the enterprise, the double U shield, etc., to avoid one person mastering the U shield and password at the same time, burying hidden risks.
5. Enterprises should establish, improve and strictly implement financial rules and regulations to ensure that the verification procedures are carried out before transfer and remittance, especially when enterprise leaders pull financial personnel to build a small group and chat about remittance, they must contact them in person or by phone to verify the situation.
Source: Jiangmen Public Security