Dear Customer,
We want to alert you about a growing cybersecurity threat that is affecting many companies and individuals.. Numerous cases of identity theft in emails have been reported, where attackers have managed to access email accounts and modify the bank account number on sent invoices. As a consequence, payments that should have been directed to legitimate accounts have been redirected to accounts controlled by cybercriminals, generating significant economic losses.
This type of fraud, known as Man in the Middle (MitM), allows attackers to intercept communications and make changes to invoices without the sender or receiver noticing until it is too late. Cybercriminals are able to intercept the message, change the bank account information that appears in the email or even in the attached documents, as invoices in PDF format, in order for you or your clients to transfer to a different account number, controlled by attackers. Many times, The victim is not aware of this fraud until the legitimate provider demands payment, moment in which, by comparing the account numbers in the mail and the transfer made, It is discovered that they have been modified. Once the fraud has been carried out, criminals transfer the money to other accounts abroad, which makes recovery extremely difficult.
It is essential that preventive measures be taken to protect yourself from these types of attacks, since losses can be significant and difficult to recover.
To protect against these types of attacks, We recommend the following measures:
- Password security: Use strong passwords and change them regularly.
- Two-factor authentication (2FA): Be sure to enable this option on your email account to add an extra layer of security.
- Payment verification: Before making a bank transfer, Contact the supplier to confirm payment details, especially if you notice any changes in banking details.
- Invoice review: Be aware of any changes to invoices sent or received. If you detect any irregularity, notify us immediately.
At Factura One we are committed to the security of your information and we are available to help you implement these measures.. Please feel free to contact us if you have any questions or would like additional assistance..
Sincerely,
The Invoice One team