The FOVI scam: all companies affected

President scams hit SMEs

The false transfer order, also known as FOVI, has become the scam that every company fears. Medium-sized and large companies are the main target, and it’s up to them to take appropriate measures to prevent such acts.

FOVI is a fake money transfer scam. First and foremost, the scammer studies the company from A to Z. He finds out about employees, management and internal financial habits. All this via the Internet, which requires some knowledge of computer engineering. Today, it’s possible to obtain information on a given company by simply requesting it on certain websites. Facebook, LinkedIn, Infogreffe… These can provide very useful documents to the scammer. In other words, the swindler has access to a treasure trove that will give him the means to achieve his ends.

The criminal is about to attack. He telephones his target, who may be an employee close to the company’s financial operations, or directly to the company’s accountant, posing as the company’s manager or even the banker who manages the company’s accounts. He will demand that the victim make a bank transfer as a matter of urgency. In general, the transfer must be made to the account of a partner located beyond the French border.

The victim doesn’t suspect a thing, since the swindler has put together a solid project that’s hard to verify if you don’t have the time. Remember that the transfer cannot wait. We’re talking about the manager, after all, you can’t disobey your superior!

Like any self-respecting thief, the scammer will put into action a technical plan that enables him to hide his identity and, above all, to pass himself off as someone else. The latter will then create a false account at La Poste to enable him to access the paid service for sending registered letters. Next, he invents a legal structure and uses a domain name close to that of the company. But that’s not all! In order to appear even more credible, the perpetrator usurps the real e-mail addresses used by the company’s employees. This scammer has no shortage of know-how, as he even uses the Mailsploit flaw to hide the sender’s real e-mail address. It’s all in the bag!

This is how the thief goes about his scams. Michelin, Total, Facebook, even the Elysée Palace: neither the size nor the reputation of the company scares him, and he even has a preference for the best-rated French companies in the CAC 40.


Protecting yourself against cyber attacks

It is important that companies implement effective strategies to detect this kind of intrusion. But the first thing that needs to be done is to inform employees of the facts, so that they can be vigilant.

Every company’s IT security system needs to be regularly checked and updated. Measures should also be taken to detect any errors. For example, asking employees to enter the recipient’s e-mail address themselves, rather than replying to the e-mail. In addition, all requests for international transfers must first be verified.

If an employee suspects a scam, he or she must immediately notify his or her superiors. The latter must in turn contact its banker to suspend the payment or, if necessary, allow the funds to be turned around. However, transfers are made quickly, and often it’s already too late. It is then up to the hierarchy to lodge a complaint, providing all the information needed to guide the gendarmes.

Large companies, SMEs, the self-employed, medical practices… can all be targets of these cyberattacks. 100% of companies are currently victims of mass FOVI fraud attacks. Today, very few companies claim to have set up a system for assessing the cost of fraud. There is therefore a real need for companies to be able to deploy operational systems adapted to their organization. These must be able to demonstrate that they have complied with the guidelines of the National Anti-Corruption Agency, as stipulated by the Sapin law that came into force on June 1, 2017.

Test Altospam’s solutions!

Thousands of companies, CTOs, CIOs, CISOs and IT managers already trust us to protect their e-mail against phishing, spear phishing, ransomware, …