My friend is painter in Canada and he had some amount due with his some of the customers. Its been couple of days his email got hacked and hacker requested payment from his customers through email transfer(through Interac) to different email address. Its hacker’s email address (Inbox me to get email) not my client’s email. One of the customer paid $2000.
Some of the mistake my friend did:
- Using easy to remember password.
- Not using security features like 2FA.
- Using apple notes to remember passwords.
Now he has reported to police for investigation.
Anyone have idea what to do next?
What can of action can be taken from our side?
How to know who is the hacker or scammer?
1 Like
i have a question, what makes you sure it was A hacker who did this, by the looks of your friends mistakes it could be anyone who was in his social circle or work space who knew about the due payment and then acquired the password of his email and now did this.
2 Likes
It can be from his circle but email address money transferred to seems like only scammers create those kind of email.
If they can acquire the password making an email like that is not difficult, anyway you can ask the customer to confirm from this bank where did the money transfer happen other than that you will have to wait for the Authorities to finish their investigation and your friends needs to learn about cyber security in this day and age to prevent this from future.
See first of all as positive note every hacker can make mistake but tracing via mistake is hard.
if he would have hacked via apple notes might be hacker dropped trojan to any of his device which he use apple account .Mostly targeted a single person in hack or there is similar hack happen cyber team will trace them by hacking mode used by hacker and re trace it back but if hacker usually mutate his method lets experts can try them
there are chances that its a target based attack. Well you can determine the flow of money from your customer bank account transaction details , sending an email to bank for fraud transaction on customer end would help a lot maybe.
Looks like inside job to me.
How ever paymet is esily traceable via senders bank.
!