Emails from Reckon causing spam emails

Emma White
Emma White Member Posts: 13
edited April 2019 in Accounts Hosted
Problem below emailed yesterday to advantage@reckon.com; onlinesupport@reckon.com - no response,  Called this morning - on hold for 15 minutes.  I need to do end of month invoicing and statements.

We have had an issue with spam emails advising clients of new bank details or following up payment as per below.  Our IT contractors have investigated and have told me to advise you that Reckon’s email servers are being used to spam people.    Could you please advise if I need to post on the Reckon Community ?

 

Comments

  • Rav
    Rav Administrator, Reckon Staff Posts: 15,305 Community Manager Community Manager
    edited April 2019
    Hi Emma,
    Thanks for raising this. Can you please advise what sort of investigation your IT contractors conducted?
    We're extremely confident in the integrity and security of the Hosted platform but it would great if we can get a better understanding of what's happened.

    I've seen reports of similar cases in the media where the email account itself is compromised and emails altered with falsified new bank account details. In some cases these individuals monitor the email activity and business for an extended period of time to gain familiarity with who & how it operates.
    https://www.smh.com.au/business/small-business/devastating-blow-homewares-business-hit-by-apparent-email-scam-20180813-p4zx4y.html

    https://www.smh.com.au/business/companies/bensons-sues-banks-over-1m-email-fraud-20180911-p5030q.html

    Also, have you gone through and changed all passwords including all your email account passwords, Hosted service passwords for all users etc?


    ℹ️ Stay up to date with important news & announcements for your Reckon software! Click HERE for more info.

  • Emma White
    Emma White Member Posts: 13
    edited April 2019
    Hi Rav,

    Please see below example of spam email - clients email and name removed.  The IT contractors have conducted Level 3 investigations and advised it happened because someone has gotten my password for Office 365.  All passwords have been changed.

    From: accountshosted@reckon.com <accountshosted@reckon.com>
    Sent: Wednesday, 24 April 2019 12:10 PM

    Subject: Re: Invoice from Vision Design Metal Fabrication PTY LTD
    Importance: High

     

    To ,

    Please advise when invoice will be paid as we need funds urgently. Our bank communicated with me today, informing me that a customer deposited a check with no funds in our account on today. Due to this, all our outgoing and incoming payments are currently on hold.

     

    We are currently using our new bank account to receive payment, Please confirm your understanding so I can forward bank details for payment

     

    I regret all the inconveniences that this may cause, I await urgent confirmation you have received this payment request.



    Thanks & Kind Regards,


  • Rav
    Rav Administrator, Reckon Staff Posts: 15,305 Community Manager Community Manager
    edited April 2019
    Thanks for getting back to me Emma and its good to hear you've secured the compromised email account.

    To ensure we've covered our bases from our end as well, could you please provide the following to me an in email to community@reckon.com. Do not post the below details on the public forum.

    • Your Reckon Accounts Hosted UserID/UserName:
    • Copy of the email sent as attachment in a new email (NOT forwarded). This ensures all headers are intact:
    • Exact date & time the email was sent:
    • Details of the name and location of the QBW ie. which Shared Folder or user's Q drive its located on
    • Written permission to take a copy of the QBW for investigation
    • Admin Password for the file (if any)


    ℹ️ Stay up to date with important news & announcements for your Reckon software! Click HERE for more info.