Jersey firms have been made a target of cyber-attack, in what experts are calling it “impersonation attacks”. These attacks have been conducted against some large jersey companies and businesses who are are being sent false invoices as well as payment requests that are near identical to the real version (apart from payment details).
The attack is believed to be the labour of months of work by organized cyber-criminals who monitored emails an even learned and mimicked the writing styles and idioms of staff members to help improve the reliability of their forged documents.
Some smaller Jersey companies were attacked with a similar cyber-attack last year, which is believed to be an attempt by cyber-criminals to see “how Jersey works” before planning on sending a wave of assaults on bigger firms.
This attack has targeted at least seven firms in the financial sector and the legal sector. They have stolen hundreds of thousands of pounds. It has been claimed that one firm lost around £800,000 in a single business deal after being supplied with false bank details for a property deal. The firms which were attacked have contacted their banks and insurance companies.
Jersey Financial Services Commission has delivered a statement calling out all businesses and Islanders to be “extra vigilant” as more attacks are to come.
Director at cyber-security firm Logicallis, Ricky Magalheas claims that hundreds of fraud emails have been sent out and their staff are being given training on how to protect them.
He said, “This is a specific attack against Jersey. I have seen this sort of thing elsewhere, in places like Poland, but this is the first time I have seen it here.
We had a similar thing with a few smaller firms last year over here and it appears they were trying to learn how Jersey works before targeting the big firms.
They are trying to pressurize people into sending money by saying things like, “This property sale is going through on Friday. You need to send the money now”.
They are also saying things in emails like “How are you?”, “How are the kids?” or ‘‘Isn’t the weather nice?” – they have been studying how people communicate when dealing with each other and are targeting groups of firms which work together.
He added saying that education the staff about cyber-security is the best way to prevent such impersonation attacks.