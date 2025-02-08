Hyderabad: Cybercriminals are scamming businesses by changing just one letter in an email address, creating fake IDs that look nearly identical to legitimate ones. Even well-informed professionals are falling victim to these sophisticated frauds. By the time the fraud is detected and reported, recovering the lost money becomes a challenge. The police warn that vigilance is crucial when dealing with financial transactions over email.
A Hyderabad-based company recently lost ₹10 crore in such a scam. The company regularly imports raw materials from a supplier in Hong Kong, with all transactions handled via email. The supplier’s usual email ID was robert@gmail.com.
One day, the Hyderabad company received an email stating that due to an ongoing audit, the supplier's bank account had changed. Without suspecting anything, the company transferred the payment to the new account.
A week later, the real supplier reached out, asking about the pending payment. Shocked, the Hyderabad company provided details of the transfer, only to learn that the supplier had never requested a change of account. When the company approached the police, investigations revealed that hackers had breached the Hong Kong supplier’s email server and monitored their financial transactions.
The cybercriminals then created a nearly identical email ID—rabert@gmail.com (swapping ‘o’ for ‘a’)—and tricked the Hyderabad company into transferring money to their account.
The Devil is in the Details
Scammers often manipulate letters to deceive their targets. Some of the most commonly swapped characters include:
- ‘i’ and ‘j’ (visually similar)
- Capital ‘I’ and the numeral ‘1’
- ‘O’ and ‘0’ (zero)
- Using subtle dots or dashes in the email ID
By making small, unnoticeable changes, fraudsters create fake emails that appear genuine.
How to Protect Yourself
- Double-check email addresses carefully—even a minor difference could indicate fraud.
- Verify bank account changes over a phone call before making payments.
- Use multi-factor authentication (MFA) for email accounts to prevent hacking.
- Enable email alerts for unusual login attempts to detect breaches early.
With email scams on the rise, staying vigilant is the key to preventing financial fraud. A single letter in the email ID can make all the difference, don’t let cybercriminals cash in on your oversight.