Email Security

andyeire

I have a hover webmail account. In the last couple of days when I email a customer a payment request they receive and email that looks like it's from my email address giving them a new bank account to send payment to, not mine!!
This is 'in thread' of the email conversation.
When this first happened I scanned the computer with AVG and malware bytes both came back clean.
I have changed all passwords and started using a password manager, LastPass.
Even after these changes, it is still happening. When I changed passwords I was notified of some login attempts originating in Nigeria. So I rescanned computer changed all passwords again.

I can not find a trace of the bogus emails in my email account sent items.

How are my emails being intercepted?

Evelyn Martina

Hi

This happened to our business last week and two of our clients received emails supposedly from us requesting that they change the bank account details they held for us to new bank account details and that funds due should be paid to the new account. Bearing in mind we are based in Kinsale, the new account was a foreign account, and that we deal with this company nearly every week , one of the companies paid over nearly €14,000.00 which was owed to us into the bogus account. The other client saw the email and recognised it as a fake and rang us to let us know. Our email is a gmail, G Suite business email, with two step verification, I have antivirus set up, change my password once a year and was also using a password manager. Google and my domain host have both checked my email as well as I and it seems the email was not hacked that the emails are being intercepted between servers. Apparently you need to add a SPF, DMIK record and DMARC record to your domain to stop this from happening.

Anyone have any idea where we stand on getting our money, I presume we are still owed same.