Mayflex, a West Midlands based leading supplier of convergedIP solutions including infrastructure, networking and electronic security, havebeen notifying their customers this week, after receiving reports that severalcustomers had been contacted with a request to change the bank details used formaking payments to Mayflex.
An initial email titled ‘Bank Email Security’ was sent outby Mayflex on the 26th February, warning of fraudulent phone calls thathad been received by a number of customers, asking them to change the MayflexBank account details they had on record.
In their notification email, Mayflex stated:
“We have recently been notified of some fraudulent activity and we would like to take this opportunity to encourage you to be vigilant about the communications you receive from Mayflex.”
Mayflex have advised to ignore any such calls and if in doubt, customers should refer to the bank account details contained in their invoice.
This type of Social Engineering attack is similar to a BusinessEmail Compromise, where the bad guys try to take advantage of the weak humanfactor, convincing them to carry out financial actions that result inlegitimate payments being processed and sent to the bad guys.
In a follow-up to their original email, Mayflex today (28thFeb) have issued a second email to customers, confirming the validity of thefirst notification as well as providing further information on the scam.
Further investigation into the incident has found that thefraudsters were not content with just using telephone calls to deliver theirscam, but they also sent letters using snail mail to try and seal the deal.
Fake letters claiming to be sent from Andrew Percival (Director)and Margaret Butterfield (Finance Director), were received by several customerswith the same goal of changing the Mayflex banking details.
“Yesterday, 27th February 2019, we have been informed that a number of customers have received Recorded Delivery letters, claiming to be sent from Andrew Percival and Margaret Butterfield of Mayflex, asking them in writing to update the bank details to which they make payments for Mayflex orders.”
“We would like to take this opportunity to inform you that this letter is not genuine, and our payment details have not changed.”
A copy of the latest email is below:
Mayflex have provided an annotated copy of one of these letters so that customers can easily identify what is real and what is fraudulent.
The number of these types of scams continues to rise, and companies should remain vigilant, and proceed with caution when they receive requests to change banking details.
If you ever receive a request to change any banking details,it is always worth directly contacting a known representative within thecompany to confirm that the request is indeed a valid one.
If you are a Mayflex customer that has received a call or a letter to change banking details, then please get in touch with Mayflex on 0121 326 7557, if you need more information.
Any companies that may have fallen victim to this fraud, please inform your bank & Mayflex immediately, and also consider raising a case on the Action Fraud website. https://www.actionfraud.police.uk/
Stuart Hare is a Technologist with a passion for helping people in all aspects of IT & Cyber Security. Stuart is the Founder of Ironshare, an Information and Cyber Security company providing consultancy and managed services.
Samuel is a Security Analyst with Ironshare, an Information and Cyber Security company providing Security consultancy and managed services.
Joshua is working as a Managed Service Lead with Ironshare, an Information and Cyber Security company providing Security consultancy and managed services.
