Oakville, January 2024 – During the holiday season, one of our partners fell prey to what we now understand to be a “man in the middle” + “domain spoofing” cyber attack. Incidents like this illustrate the importance of our cybersecurity protocols.
On Thursday January 4, 2024, it was brought to our attention that there was a spoofing attack using a fraudulent domain, asking to change banking details to send money to a fraudulent third-party. Unfortunately, the partner did not attempt to verify the authenticity of the communication. After a thorough investigation, it is clear that the malicious actors did not and do not have access to NVT Phybridge email servers.
We would like to assure our partners and customers that NVT Phybridge takes extreme preventive measures to prevent these types of attacks and safeguard our stakeholders. We are in communication with the partner to help them resolve and strengthen their cyber security measures to assist in safeguarding their operations.
Here are some of the ways we help protect our employees from malicious actors.
- Email Signature Disclaimer: Outline expected communication methods in email signatures to, including payment processes and information change requests.
- Email Banners for New Senders: Add clear disclaimers to incoming emails from unrecognized or infrequent senders.
- Multi-Factor Authentication (MFA): Secure employee accounts using MFA to prevent unauthorized access.
- Domain Purchase Strategy: Proactively purchase similar domains to prevent spoofing.
- Additional Confirmations for Payment Establishment and Routing Change Requests: Modify procedures to include multiple confirmations for payment-related processes. NVT Phybridge requires multiple confirmations before approving payment-related processes.
We have reported the fraudulent domain to Google and the EU domain authorities, as this domain was registered in Holland. The fraudulent domain did not have DNS details for the domain, hosting, or MX records, which clearly points to a spoofing attack.
The Use of AI in New Scams
Given the advancement of AI, malicious actors are now becoming even better in recording voices and creating fake phone calls. Here is how to protect yourself personally and professionally from these types of attacks.
- If you receive a call from an unknown number, let it go to voicemail.
- If you answer the phone from an unknown caller, do not start talking. Wait for the caller to speak first. Some malicious actors want you to speak and record your voice.
- If the caller introduces themselves as a friend or a known person but the call is from a different or unknown number, it is recommended to hang up and call them back from the known or saved number, rather than asking them why they are calling from a different number.
- Do not click links received from a text message. If the text is from a bank or an organisation you believe you should be receiving the text, always cross verify the domain name. Look out for subtle changes, like a “zero” instead of an “o” or “b” in the place of a “d”.
If you have an upcoming IP/IoT modernization project, we would love to help! Click below to book a one-on-one meeting with one of our Digital Transformation Consultants.