
PROJECT: KNOCKS AND SCAMS - THE MAN-IN-THE-MIDDLE SCAMS

YOU MAY SHARE THIS PUBLIC DOCUMENT

 

A Man-in-the-Middle (MitM) scam is a type of cyberattack where a perpetrator intercepts and manipulates communication between two parties without their knowledge. This type of attack can lead to severe consequences, including data breaches, identity theft, and financial losses.


Understanding what a MitM scam entails and recognising the warning signs can help individuals and organisations protect themselves from falling victim to such schemes.


READ OUR MOST RECENT PROJECT FOR MORE CONTEXT:

 

MODUS OPERANDI:


  • Interception: 

    • The attacker first intercepts the communication between the victim and the intended recipient. 

    • This can be done by compromising a network or device, or by using techniques such as DNS spoofing or ARP poisoning.

  • Decryption: 

    • If the communication is encrypted, the attacker may attempt to decrypt it. 

    • This can be done by exploiting vulnerabilities in encryption protocols or using stolen encryption keys.

  • Manipulation:

    • Once the communication is intercepted, the attacker can alter the data being transmitted.

    • This could involve changing the content of an email, modifying transaction details, or injecting malicious code. 

  • Relay: 

    • The attacker relays the manipulated communication to the intended recipient, who remains unaware of the tampering.

 

RECENT CASE MANAGED BY THE CYBER TEAM:


  • Our client made a legitimate business transaction of half a million rand to a construction company. 

  • Unbeknownst to the construction company, their emails were being intercepted by a scammer. 

  • The scammer took the invoice intended for our client and altered the banking details before sending it. 

  • As a result, our client paid a substantial amount into the scammer's account and the intended recipient remained out of pocket. 

  • It was only later that both parties realised the emails had been compromised and the money had been diverted to the scammer.

 

RED FLAGS:


  • Unusual Network Activity:

    • Spikes in data usage

    • Unfamiliar devices connected

    • Irregular network traffic

  • Unexpected Disconnections:

    • Frequent, unexplained disconnections from secure sites

  • Slow Internet Speed:

    • Sudden decrease in speed owing to intercepted communication

  • Strange Pop-Ups or Redirects:

    • Unusual pop-ups

    • Unexpected website redirects

  • Email Discrepancies:

    • Slight changes in email addresses

    • Unexpected attachments

    • Unusual language in emails

  • Login Issues:

    • Difficulty logging into accounts

    • Notifications of unsuccessful login attempts
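
The "Email Discrepancies" red flag and the altered banking details in the recent case can both be checked automatically before a payment is released. The sketch below is an added example, not code from SSS or from the case; the vendor record, domains, account numbers and function names are all constructed for illustration, and the sender is assumed to be a plain e-mail address.

```python
# Added example: constructed data, hypothetical names throughout.
from dataclasses import dataclass


@dataclass(frozen=True)
class Vendor:
    name: str
    email_domain: str   # domain the vendor normally mails from
    bank_account: str   # account number already on file


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance between two strings."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def normalise_account(value: str) -> str:
    """Keep digits only so spacing and dashes do not cause false alarms."""
    return "".join(ch for ch in value if ch.isdigit())


def review_invoice(vendor: Vendor, sender: str, invoice_account: str) -> list[str]:
    """Return the red flags raised by one incoming invoice e-mail."""
    flags = []
    domain = sender.rsplit("@", 1)[-1].strip(" <>").lower()
    trusted = vendor.email_domain.lower()
    if domain != trusted:
        distance = edit_distance(domain, trusted)
        if distance <= 2:  # one or two characters off: a "slight change"
            flags.append(f"lookalike sender domain {domain!r} (distance {distance})")
        else:
            flags.append(f"unknown sender domain {domain!r}")
    if normalise_account(invoice_account) != normalise_account(vendor.bank_account):
        flags.append("banking details differ from the account on file")
    return flags


# Constructed sample record; none of these values come from the case above.
VENDOR = Vendor("Example Construction", "example-construction.test", "1234 5678 90")

if __name__ == "__main__":
    for sender, account in [
        ("accounts@example-construction.test", "1234567890"),   # clean invoice
        ("accounts@examp1e-construction.test", "9988776655"),   # lookalike domain
        ("accounts@example-construction.test", "9988776655"),   # real mailbox, altered account
    ]:
        print(sender, account, review_invoice(VENDOR, sender, account))
```

The third sample mirrors the case described above: the e-mail arrives from the supplier's genuine domain, so only the comparison against the banking details on file raises a flag.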

 

SAFETY MEASURES AGAINST THESE SCAMS:


  • Use Strong Encryption: 

    • Ensure that all sensitive communication is encrypted using strong encryption protocols. 

    • Use secure websites (HTTPS) and enable encryption for email and other communications.

  • Verify Certificates: 

    • Always verify the authenticity of SSL/TLS certificates when accessing websites. 

    • Do not ignore browser warnings about certificate issues.

  • Secure Wi-Fi Networks: 

    • Avoid using public Wi-Fi networks for sensitive transactions. 

    • Use a virtual private network (VPN) to encrypt your internet connection.

  • Update Software: 

    • Update all software regularly, including operating systems, browsers, and security applications, to patch vulnerabilities that attackers could exploit.

  • Enable Two-Factor Authentication: 

    • Use two-factor authentication (2FA) for online accounts to add an extra layer of security.

  • Monitor Network Activity: 

    • Monitor network activity for any signs of unauthorised access or unusual behaviour.

 

More and more companies are contacting SSS regarding these "man-in-the-middle" scams.

This alarming trend underscores the increasing prevalence and sophistication of such cyberattacks, which pose significant risks to businesses of all sizes. In response, our Cybercrime unit has been exceptional in their efforts to investigate these crimes, providing critical support and expertise to affected organisations.

 

Specialised Security Services invites the public to the Mike Bolhuis Daily Projects WhatsApp Group.

This group is important in delivering insights into the latest crime trends, awareness, warnings and the exposure of criminals.


HOW TO JOIN THE MIKE BOLHUIS DAILY PROJECTS WHATSAPP GROUP:

 
CONTACT MR MIKE BOLHUIS FOR SAFETY AND SECURITY MEASURES, PROTECTION, OR AN INVESTIGATION IF NEEDED.

ALL INFORMATION RECEIVED WILL BE TREATED IN THE STRICTEST CONFIDENTIALITY AND EVERY IDENTITY WILL BE PROTECTED.
 

Regards,

Mike Bolhuis

Specialist Investigators into

Serious Violent, Serious Economic Crimes & Serious Cybercrimes

PSIRA Reg. 1590364/421949

Mobile: +27 82 447 6116

Fax: 086 585 4924

Follow us on Facebook to view our projects -


EXTREMELY IMPORTANT: All potential clients need to be aware that owing to the nature of our work as specialist investigators there are people who have been caught on the wrong side of the law - who are trying to discredit me - Mike Bolhuis and my organisation Specialised Security Services - to get themselves off the hook. This retaliation happens on social media and creates doubt about our integrity and ability. Doubt created on social media platforms is both unwarranted and untrue. We strongly recommend that you make up your minds concerning me and our organisation only after considering all the factual information - to the exclusion of hearsay and assumptions. Furthermore, you are welcome to address your concerns directly with me should you still be unsatisfied with your conclusions. While the internet provides a lot of valuable information, it is also a platform that distributes a lot of false information. The distribution of false information, fake news, slander and hate speech constitutes a crime that can be prosecuted by law. Your own research discretion and discernment are imperative when choosing what and what not to believe.


STANDARD RULES APPLY: Upon appointment, we require a formal mandate with detailed instructions. Please take note that should you not make use of our services – you may not under any circumstance use my name or the name of my organisation as a means to achieve whatever end.


POPI ACT 4 of 2013 South Africa: Mike Bolhuis' "Specialised Security Services" falls under Section 6 of the act. Read more here: https://mikebh.link/fntdpv

 
SSS TASK TEAM:
 
 

Copyright © 2015- PRESENT | Mike Bolhuis Specialised Security Services | All rights reserved.


Our mailing address is:

Mike Bolhuis Specialised Security Services

PO Box 15075 Lynn East

Pretoria, Gauteng 0039

South Africa



THIS PUBLIC DOCUMENT WAS INTENDED TO BE SHARED, PLEASE DO SO.
