Everyone in the world knows if you need money for a new business, it makes sense to seek out a Venture Capitalist to work with. But where do they get their money from? Well, the people who give VCs money are called Limited Partners. Or LPs for short.
Maybe you knew that already; and because of the Willie Horton law, (rob banks because that is where the money is) so do the bad guys. So, it should be no surprise that there is a major fraud live right now against LPs that is being perpetuated all too frequently. These deceitful threats are targeting LPs because of their tie to money and financial account credentials and sensitive data.
It’s important to learn about these scams, and take proactive action to avoid falling victim to these LP scams.
How the Limited Partners Scams Work
First, a threat actor registers a typo-squatting domain that appears to be close to a VC’s domain name. In this specific scam, the threat actor then initiates communication with the LP using the email address of the look-alike domain. In some cases, they may even have a LinkedIn page saying they are a partner at the VC firm.
A website using the domain may or may not go live. The Bolster Research team has seen examples where the site does go live, using pilfered content from the real site. We have also seen sites that link directly to the real site. In both cases, the scam site looks exactly like the real site because in one case it replicates the actual content, and in the other case it is the real site.
But the real tricky part is the communication piece of the puzzle. These scammers are experts at impersonating VC firms: They know the lingo. They drop names. And it is often not just one person impersonating the accounts, but several of them, including the partners, admins, the finance person, the list goes on and on…
Eventually, the LP victim ends up wiring money to the threat actor, and: Kaboom! It is often a payday for the threat actor akin to winning the lottery.
How to Combat Wire Fraud Scams
These types of scams are hard to stop. Most LP’s do not have a service looking for misbehaving, lookalike domains of VC’s. If they did, they would need it for every firm they invested in. And then for VC’s, if they use Bolster’s domain protection technology like businesses around the world do, they do have a service on their side looking for this type of thing.
But those results are not easily available to the LP. The VC could give them to the LP, but how? And when? At Bolster, we have a solution to that problem, one that was actually introduced to our team by a VC customer.
Bolster’s Email Protection Technology
Bolster has a huge list of typosquat domains, and we conduct thourough scans of each domain daily. Domains that are identified to have suspicious activity, or are hosting branded assets, are labeled as “suspicious” by Bolster. If the typosquat domains have an MX record, indicating intention to send emails to unsuspecting users, that is a huge issue.
So, to combat these malicious domains, Bolster will push potentially dangerous domains into the email system block list (usually Outlook) and prevent emails from those domains from going out and reaching the intended victims. This integration is very easy to do, does not require scripting, and takes only a few minutes to implement.
For a VC’s business partners, (i.e. the LPs), Bolster will also push the same data to their blocklist with the same easy to use integration methodology. This protects the VC’s business partners even though the business partner is not a Bolster customer.
This “supply chain” solution is unique. It is super powerful because it is very effective at stopping this type of fraud.
For more information into Bolster’s integrations, and how we can easily fit into your email system block list to prevent phishing emails from reaching your business, contact us today.
