Emails from Reckon causing spam emails

  • 2
  • Problem
  • Updated 5 months ago
Problem below emailed yesterday to advantage@reckon.com; onlinesupport@reckon.com - no response,  Called this morning - on hold for 15 minutes.  I need to do end of month invoicing and statements.

We have had an issue with spam emails advising clients of new bank details or following up payment as per below.  Our IT contractors have investigated and have told me to advise you that Reckon’s email servers are being used to spam people.    Could you please advise if I need to post on the Reckon Community ?

 
Photo of Emma White

Emma White

  • 412 Points 250 badge 2x thumb

Posted 5 months ago

  • 2
Photo of Rav

Rav, Community Manager

  • 86,880 Points 50k badge 2x thumb
Hi Emma,
Thanks for raising this. Can you please advise what sort of investigation your IT contractors conducted?
We're extremely confident in the integrity and security of the Hosted platform but it would great if we can get a better understanding of what's happened.

I've seen reports of similar cases in the media where the email account itself is compromised and emails altered with falsified new bank account details. In some cases these individuals monitor the email activity and business for an extended period of time to gain familiarity with who & how it operates.
https://www.smh.com.au/business/small-business/devastating-blow-homewares-business-hit-by-apparent-email-scam-20180813-p4zx4y.html

https://www.smh.com.au/business/companies/bensons-sues-banks-over-1m-email-fraud-20180911-p5030q.html

Also, have you gone through and changed all passwords including all your email account passwords, Hosted service passwords for all users etc?
Photo of Emma White

Emma White

  • 412 Points 250 badge 2x thumb
Hi Rav,

Please see below example of spam email - clients email and name removed.  The IT contractors have conducted Level 3 investigations and advised it happened because someone has gotten my password for Office 365.  All passwords have been changed.

From: accountshosted@reckon.com <accountshosted@reckon.com>
Sent: Wednesday, 24 April 2019 12:10 PM

Subject: Re: Invoice from Vision Design Metal Fabrication PTY LTD
Importance: High

 

To ,

Please advise when invoice will be paid as we need funds urgently. Our bank communicated with me today, informing me that a customer deposited a check with no funds in our account on today. Due to this, all our outgoing and incoming payments are currently on hold.

 

We are currently using our new bank account to receive payment, Please confirm your understanding so I can forward bank details for payment

 

I regret all the inconveniences that this may cause, I await urgent confirmation you have received this payment request.



Thanks & Kind Regards,


Photo of Rav

Rav, Community Manager

  • 86,628 Points 50k badge 2x thumb
Thanks for getting back to me Emma and its good to hear you've secured the compromised email account.

To ensure we've covered our bases from our end as well, could you please provide the following to me an in email to community@reckon.com. Do not post the below details on the public forum.

  • Your Reckon Accounts Hosted UserID/UserName:
  • Copy of the email sent as attachment in a new email (NOT forwarded). This ensures all headers are intact:
  • Exact date & time the email was sent:
  • Details of the name and location of the QBW ie. which Shared Folder or user's Q drive its located on
  • Written permission to take a copy of the QBW for investigation
  • Admin Password for the file (if any)