
This scam primarily affects businesses, from large companies to small and medium-sized outlets.
The fraudsters use a hacked email account to send the business a payment reminder and pressure it into paying an invoice. Frequently the email has a PDF document attached, which requires the victim to download an “Adobe module” in order to view it.
If the victim clicks the link to the PDF, so-called RMM (Remote Monitoring and Management) software is downloaded to the victim’s computer, which gives the scammer unnoticed access to the device.
The criminals can then connect to the computer, spy on the passwords for the business’s payment software, for example MultiLine, and send high sums of money to so-called “money mules” used for transfers of funds.
The scammers then use the victim’s email address to send further fraudulent emails. As the new recipients are familiar with the sender’s email address, the new attempts rarely raise suspicion, making recipients more likely to fall victim to the same scam.
In one recent case, a single email address sent 1,200 emails with the PDF document and the RMM software link to new victims. As transfers of large sums are not unusual for businesses, these scams can often go unnoticed by banks.
- One should always be wary of emails with strange requests or messages demanding urgent reactions, even if they originate from a safe sender.
- If someone is away from their office or PC for a prolonged time, they should remove the LuxTrust card from the reader to stop scammers from making unauthorised payments.
- Always check if an email is addressed to you or if it contains mistakes or poor translations.
- If the sender is unclear or if there is any doubt about the origin of the email, contact the organisation directly.
- Never click on suspicious links or attachments received via email.
- If you think you may have inadvertently fallen victim to such a scam, have your device checked for RMM software as it is often not recognised by regular anti-virus programmes.
- If you discover suspicious software on your PC, immediately change your password and LuxTrust PIN.
- Always check bank accounts and report any suspicious transactions to your bank.
- If you have fallen victim to a scam, immediately contact a police station and file a complaint.