Huge losses as fraudsters intercept e-mails

E-mails from a financial services provider to its clients were intercepted, advising clients on tax savings by bolstering their retirement policies or tax-free savings, says John Mc Loughlin, CEO of J2 Software.

Johannesburg, 09 Apr 2019
Read time 2min 50sec
John Mc Loughlin, MD, J2 Software.
John Mc Loughlin, MD, J2 Software.

Fraudsters have once again swindled unsuspecting clients out of their life savings. They managed to intercept e-mails from a financial services provider to its clients, advising them on tax savings by bolstering their retirement policies or tax-free savings. This is according to cyber security specialist and J2 Software CEO John Mc Loughlin.

The fraudsters intercepted the e-mail and responded on behalf of the client, asking for confirmation on what had been put into retirement savings and also what was still possible. The financial advisors then responded and provided a breakdown of the current tax year investments and what the client was allowed to contribute before the end of the tax year.

He says the financial advisor e-mailed the requested information and documentation to the client's e-mail address. "The documentation contained the customer information and details of the investment to be paid via EFT and also included the business's bank details."

Having received the signed document as well as the proof of payment from the client's e-mail address, the financial advisor assumed all was in order. This was then sent for processing, as they waited for the investment to clear in their bank account.

Several days later, the deposit had not been cleared and they contacted the client. The client obviously co-operated and then sent the proof of payment to the financial advisor, but this didn't match the one they had received days before.

"This is when we began our investigation on their behalf. From the evidence in front of them, it now appeared that a trusted insider working within their business had given the client the incorrect bank details in order to commit fraud," he explains.

Mc Loughlin says the client had seen an e-mail with documents that were nearly similar, except the bank details were different. "Upon investigation, the client had received the changed documents from a free e-mail service, which was a fake account using and a derivative we have seen before; they use a free e-mail service with the domain

"It became clear that the client had their e-mail account compromised, and it was not a malicious insider at the financial advisor, as initially thought. This compromise happens because people never change their e-mail passwords. Compromised passwords allow cyber criminals to access their e-mail accounts. They don't need to do anything except wait for the right e-mail to arrive," he warns.

In this case, the attackers intercepted the e-mails from the financial services company before the client saw them. They then created a cloned e-mail address on a free e-mail service and then sent the altered documents to complete the fraud.

"The reason the attacker would have then sent fake proof of payment was to delay the business from following up. This delay gave the attacker enough time to empty the fake bank account of over R300 000. This client now has lost a large amount of money, which was destined to be a retirement saving," he concludes.

J2 Software ( )

J2 Software is a security focused African technology business founded in 2006 to address the need for effective cyber security, governance, risk and compliance solutions in Africa.

The continued rise of cyber crime, identity theft and confidential data leakage drives the requirement for J2 Software's managed security service offerings, not only for competitive advantage, but as an absolute business necessity. The company offers managed cyber security services for every business. J2 Software ensures you have greater visibility to identify risky behaviour and enhance the capability to respond to prevent losses.

J2 Software delivers essential tools that empower organisations to take control of their technology spend. The company's hand-picked solutions provide complete visibility over its customers' environment, while reducing risk and lowering costs.

J2 Software has provided services and solutions to renowned enterprise corporations, with sites running in South Africa, Angola, Botswana, Kenya, Malawi, Mauritius, Mozambique, Tanzania, Uganda, Zambia, Australia, UK and Malta.

Editorial contacts
IT Public Relations Ivor van Rensburg (082) 652 8050
J2 Software John Mc Loughlin (021) 461 1223
See also