Setting up phony websites with just a letter different from the legitimate sites is nothing new – I can remember a marketing company (now defunct) trying to persuade me to buy dozens of variations of our IT support company domain, to capture those potential customers who have “fat fingers” – we were not persuaded.
Now the threat actors are exploiting the weak procedures at the UK Companies House and registering phony companies, with the same type of spelling variations to steal from suppliers, banks etc.. Top end restaurants appear to be their main targets.
Heston Blumenthal restaurant among those targeted in cloning scam – BBC News
It is a shame that Companies House – who are quick to react if you file late – cannot find it in their procedures to assist the victims who have been fraudulently listed as company directors of these sham businesses.
Companies House is dealing with the phoney companies and has rule changes in the pipeline that will require identity verification for company directors. That does not help the current victims and whatever steps they put in place, they should not be complacent as the threat actors are very skilled in circumventing security.
Your takeaway from this
If you get a big order from a swanky restaurant – check it out carefully before you commit your money to it.
Just one more thing…
Remember your cyber security is not just about your computers and information – other things such as notes from meetings, white boards, where your printer is located, ID cards, etc., etc., should be included as well. Have a read of this:
Where are the boundaries for your cyber security? – CyberAwake
Clive Catton MSc (Cyber Security) – by-line and other articles