Scams will often originate by email and may take a few forms, including, but not limited to:
- requests for passwords or bank account details, and links to seemingly helpful or relevant websites
- allegedly urgent need for action (e.g. payments)
- offering money
- threatening legal action if the victim does not respond
- malicious attachments made to look innocuous, such as an industry update
A key element of fraud is to deceive the victim and enter into some form of communication with them. This involves using approaches like those in the bulleted list above to trick the victim into taking an action, such as clicking on a link. In general, you should carefully check any link in an email before accessing it. For example, you should become suspicious if a link appears to contain the name Heraeus but uses a similar-looking domain such as "hereeus.com", "heraus.com", "herraeus.com" or "heraeusgroupe.com".
For reference, valid Heraeus domains are:
- heraeus.com
- heraeusnews.com
Known fraudulent communications where Heraeus’ name has been used contained the following red flag features:
- Change in bank account details. Heraeus strongly warns our customers against providing personal information, sending money or disclosing/changing bank details at the request of any person claiming to represent Heraeus only via email. Heraeus will never advise of a change in our bank account details in the body of an email. If you receive an email of this nature, you should check by telephone with a Heraeus person known to you before making payment.
- An unusual originating email address. All authentic Heraeus email addresses use a standard form – {name}@heraeus.com. Any communication purporting to be from Heraeus but not using this email format is more than likely fraudulent. Please also be aware that email addresses can be spoofed, so you should check that the reply-to address is not unusual.
- Email missing invoice attachment. In some cases, a perpetrator may send an email without attaching an invoice, to prompt the recipient to respond to request the attachment, building a degree of rapport or trust.
- Job offer. Criminals posing as employees/recruiters offer fake job positions and try to obtain sensitive information (e.g., bank details). In some cases, the victim is asked to pay for the job offer or the interview.
A communication containing any of these features is highly unlikely to have originated from any Heraeus entity and should be treated with caution. If you receive an email or invoice with any of these indicators, do not correspond with the sender. Please report the incident to it-security@heraeus.com immediately.
Please note that the above is not an exhaustive list, and we encourage you to take action with respect to any emails that seem suspicious, whether or not they contain any of the aforementioned features.
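The domain and reply-to checks described above can be automated. The following Python sketch is an added example, not Heraeus code: it compares the From address, the Reply-To address and any links in a message against the two valid domains listed on this page. The function names, the 0.8 similarity threshold and the sample message are assumptions made for illustration.

```python
import re
from difflib import SequenceMatcher
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlsplit

# Valid domains exactly as listed on this page.
VALID_DOMAINS = ("heraeus.com", "heraeusnews.com")

def classify_host(host):
    """Return 'valid', 'lookalike' or 'other' for a host name."""
    host = host.lower().rstrip(".")
    # Exact match, or a true subdomain (the leading dot matters).
    if any(host == d or host.endswith("." + d) for d in VALID_DOMAINS):
        return "valid"
    tail = ".".join(host.split(".")[-2:])  # last two labels
    for d in VALID_DOMAINS:
        brand = d.split(".")[0]
        # Brand inside another name, or near-miss spelling (0.8 is an assumed threshold).
        if brand in host or SequenceMatcher(None, tail, d).ratio() >= 0.8:
            return "lookalike"
    return "other"

def check_message(raw):
    """List (field, host, verdict) for every host that is not 'valid'."""
    msg = message_from_string(raw)
    hosts = []
    for field in ("From", "Reply-To"):
        addr = parseaddr(msg.get(field, ""))[1]
        if "@" in addr:
            hosts.append((field, addr.rsplit("@", 1)[1]))
    # Undecoded text of all leaf parts; encoded bodies are not handled here.
    body = "\n".join(str(p.get_payload()) for p in msg.walk() if not p.is_multipart())
    for url in re.findall(r"https?://[^\s\"'<>]+", body):
        hosts.append(("link", urlsplit(url).hostname or ""))
    verdicts = [(f, h, classify_host(h)) for f, h in hosts]
    return [v for v in verdicts if v[2] != "valid"]

# Constructed sample message (not a real email).
SAMPLE = (
    'From: "Heraeus Accounts" <j.doe@heraeus.com>\n'
    "Reply-To: j.doe@heraus.com\n"
    "Subject: Updated bank details\n"
    "\n"
    "Confirm at https://portal.heraeusgroupe.com/invoice or see https://www.heraeus.com/\n"
)

if __name__ == "__main__":
    print(check_message(SAMPLE))
```

A clean result only means the visible addresses and links use the listed domains; because the From address can be spoofed, it does not prove the message is authentic.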
For secure communication, we recommend always validating received email purporting to be from Heraeus using the following email security standards:
- TLS encryption for SMTP connections of mail servers
- SPF/DKIM/DMARC protocols to verify mail server authenticity
- [Optional] End-to-end signature & encryption like S/MIME