Be Aware!

CenCom have recently been made aware of a spoof email that’s been sent to several clients’ email accounts.
The email invites recipients to download an invoice from a malicious link.
Some of these emails claim to be from senior members of clients or members of staff from their companies, and others from the UK government or other official bodies.
Because the emails are from different sender addresses, blocking a sender’s email address will not stop the spoofing emails from getting through.
The email looks like this one below, or a slight variation of it:

Subject: Invoice 0000516 from John Smith (info@xxxxx.xx) 
You have received an invoice from John Smith (John.Smith@realemail.com) for ££2,827.14. To view, print or download a JS copy of your invoice, click the link below:  
 
link 
 
Best regards, John Smith
(John.Smith@realemail.com)
All instances of the email are a spoofing attempt. Do not respond to the email and delete it immediately.
Clicking on links within the email could potentially infect your computer with viruses or malware.
If you have clicked on a link or replied to the email, contact CenCom Solutions on support@cencom.co.uk as soon as possible.
We can then check for any viruses or malware on your device.

Protecting yourself from spoof emails

Spoof emails are malicious emails that look like they’re from someone you know, or an organisation you trust. Unlike phishing (the purpose of which is to gain personal details such as account information or passwords), spoofing is an attempt to;
By misleading the recipient into believing they know the sender, people are more likely to respond, putting their computer at risk of infection.

To protect yourself from spoofing attempts, make sure you:

Double check the email address. When you see the sender’s display name or sender email address in your inbox, it doesn’t necessarily mean that’s the person or address it came from. If the display email address is inconsistent with the display name (for example, a company display name but with a random email address such as <xxx@randomaddress.pl>), then it is an obvious spoof attempt.

The email might spoof the display sender email address too, to make it more convincing.

If this is the case then Microsoft (if you’re an Office 365 user) often provides a warning message: “This sender failed our fraud detection checks and may not be who they appear to be. Learn about spoofing.”

If it’s confirmed as a spoofing attempt, the email should be deleted immediately.

Avoid clicking links that seem suspicious. Spoofers try to make the email look like it’s from someone you know, but think carefully if it’s something you are expecting from the sender. In the case above, are you expecting an invoice? Is this the usual way you’re notified, and do the tone and content of the email seem consistent with past communications?

Finally, ensure your antivirus systems are up to date. If in any doubt, raise a case with the CenCom support helpdesk to help you check.
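
The "double check the email address" step can also be automated by a mail administrator. Because the sender addresses vary, this sketch compares who the message claims to be from with the address it was actually sent from, rather than relying on a block list. It is an added example, not CenCom's own tooling; the `.example` addresses, the sample message and the `known_senders` mapping are constructed assumptions.

```python
import re
from email import message_from_string, policy

ADDR_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)+")

# Constructed sample modelled on the invoice email shown above.
SAMPLE = (
    'From: "John Smith" <info@random-sender.example>\n'
    "To: accounts@client.example\n"
    "Subject: Invoice 0000516 from John Smith (info@random-sender.example)\n"
    "\n"
    "You have received an invoice from John Smith "
    "(John.Smith@realemail.example) for 2,827.14.\n"
)

def sender_mismatches(raw, known_senders=None):
    """List the ways a message's claimed sender disagrees with its From address.

    known_senders (assumption): lower-cased display name -> the domain that
    person really sends from.
    """
    msg = message_from_string(raw, policy=policy.default)
    if msg["From"] is None or not msg["From"].addresses:
        return ["no parseable From address"]
    sender = msg["From"].addresses[0]
    name, from_dom = sender.display_name, sender.domain.lower()
    findings = []
    # 1. A known person's name on an address outside their real domain.
    expected = (known_senders or {}).get(name.lower())
    if expected and expected != from_dom:
        findings.append(f"display name '{name}' expects {expected}, got {from_dom}")
    # 2. Display name, subject or body names an address in another domain.
    body = msg.get_body(preferencelist=("plain",))
    text = f"{name}\n{msg['Subject']}\n{body.get_content() if body else ''}"
    for addr in sorted(set(ADDR_RE.findall(text))):
        if addr.rsplit("@", 1)[-1].lower() != from_dom:
            findings.append(f"message names {addr}, but was sent from {from_dom}")
    return findings

if __name__ == "__main__":
    for finding in sender_mismatches(SAMPLE, {"john smith": "realemail.example"}):
        print(finding)
```

Genuine mail that quotes a third party's address also trips the second check, so treat a finding as a reason to look more closely, not as proof of spoofing.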