Skip to content

WARNING: “Spoofing” Attack Targets Local DM Companies

At least three DMAW member-companies recently fell victim to an Internet hack that has cost one of them several thousand dollars so far. It’s an important wake-up call that shows an Internet connection can leave a company as vulnerable to thieves as a wide-open front door.

Interpol is investigating because the money was transferred out of the United States. The investigation is ongoing and details are still coming to light, but the victims wanted to alert and warn their fellow DMers in case other local companies are also being targeted.

The first two companies involved are a large agency and a well-known printer. Evidence is still coming to light but it appears hackers gained access to the companies’ e-mails. The hacked messages laid out a road map of how the companies did business together, including invoices, payment terms, and even banking information with account and routing numbers.

The hackers cleverly created an e-mail address that looked just like the printer’s e-mail except for the addition of one letter (as in “" — the extra “r” is easy to miss). The hackers then “spoofed” the agency by pretending to be the printer and e-mailing a notice to the agency that said, “We have changed banks. Please direct all future payments to this new bank account, instead.” The agency complied. When the printer called to check on some overdue invoices, the agency replied that they had already been paid. When the printer explained they had not received the payments, the agency produced documentation for the payments they inadvertently sent to the scammers. And that’s when the fraud started to unravel. Unfortunately, the money was already long gone.

During the investigation, it was learned that a large full-service provider had also fallen victim to the same hackers. There may be others, since the hacked messages revealed to the scammers the other companies that each company does business with.

Attorneys for the first two victims agree that the money is still owed to the printer, since it was stolen by thieves before payment was made. Unfortunately, the agency must now try to recover the stolen money and at the same time pay about $8,500 to cover the still unpaid bills.

The printer said, “Some of our invoices to that agency are for several hundred thousand dollars. We’re very lucky the scammers didn’t manage to steal a payment that big.”

The agency said, “If you get instructions about billing or payments by e-mail, always verify it with a phone call.”

The National Cyber Security Alliance offers resources at that can help companies of all sizes, including programs tailored for small businesses.


Scott Huch is President of Direct Creative, Inc., in Falls Church. He is a MAXI Award-winning copywriter and serves as Secretary of the DMAW Educational Foundation. To foil Internet scammers, he creates his invoices using a clay tablet and pointed stick, and he only accepts in-person payments of seashells and wampum. Contact him at (703) 933-3845 or