Red phishing warnings: the easiest way to not lose hundreds of thousands of dollars

A couple weeks ago, posted about Microsoft including its phishing filtering services in all of its Office 365 offerings.

While it’s still welcome news, one of our clients who already has this level of filtering is still getting hit with one variant of phishing emails: Display Name phishing.
Display Name phishing is when a bad actor sends an email using a free email service like Gmail people in your organization using the Display Name of a VIP in your organization.
The come-on encourages the recipient to redirect money to the bad actor often by buying iTunes gift cards then sending the codes off the cards to VIP (actually the bad actor). Or much, much worse: changing the routing information for an upcoming wire transfer.
An unwitting recipient might only look at the display name, see that the name matches that of their superior, and dutifully carry-out the bad actor’s wishes.
Don’t think that your staff would fall for it? In the past two months, we’ve seen our clients or their wire transfer partners send around $500,000 to the hackers.
Microsoft will undoubtedly improve their phishing filtering, but in the meantime, I’d like to implement a simple solution: put a big, red warning at the top of every email that has the symptoms of a phishing email. That is, email that:
  • comes in to your organization’s email system from outside your organization’s email system which also…
  • has a Display Name that matches that of someone inside your organization
So, for example, if you were to receive an email with the Display Name of “Jane Smith” which is your boss’ name, but it’s from, you’d see this warning:
We’re implementing this warning system for all of our clients – we’d be happy to do it for you, too!