In a new twist on the theme, the scammers have their sights set on book manuscripts, among other things
Several global book publishing houses and an international literary scouting agency have warned their staff of a flurry of phishing emails that seek authors’ and publishers’ sensitive information, including book manuscripts, The Bookseller reports.
Penguin Random House (PRH) North America, for one, issued an urgent warning to all employees last Wednesday, coinciding with the opening of the Frankfurt Book Fair.
“We have recently seen an increase in attempts to steal our manuscripts. This has occurred in multiple locations across the globe. The individuals attempting to access these manuscripts have a sophisticated understanding of our business. We need to protect ourselves from these threats,” read the PRH email with the subject line “Important: New Phishing Alert”.
The publishing house urged its employees to be “extremely careful” about information such as “manuscripts, user IDs, passwords, social security numbers, credit card numbers, bank account numbers, W-2s [US tax forms] and/or wire transfers”.
It is understood that the scammers pretend to be literary agents and foreign-rights staff and that they send their emails from spoofed email addresses. Forging the sender’s address so that the message appears to come from a trustworthy source is an old trick in the phishers’ books.
A PRH spokesman confirmed the company’s memo about the phishing campaign and highlighted the importance of employee awareness and training for its cybersecurity program.
At least two more big names in the industry are known to have been targeted by the same campaign. This includes Pan Macmillan, which has also called on their employees to exercise caution. Another (but unnamed) publisher was quoted as saying that schemes targeting manuscripts are a new development.
Meanwhile, The Bookseller also reports that fraudsters impersonate Catherine Eccles, the owner of London-based literary scouting agency Eccles Fisher, sending out emails to literary agencies in a bid to steal authors’ personal details and manuscripts. Eccles herself suspects that “someone with knowledge of our industry and who we work with” is behind the foul play.
Needless to say, the book publishing (and self-publishing) industry isn’t spared the malicious efforts of phishers. In addition, over the years, there has also been any number of reports of scams targeting not only publishers, but also avid readers. In one rather high-profile example, J.K. Rowling herself warned Harry Potter fans about a bogus offer that promised the next installment of her wizard series, but was instead an attempt to steal their credit card details.
How do you avoid being beguiled into handing over your personal data to phishers? Reading between the lines is often your best defense. That said, you are well advised to read David Harley’s treatment of how to recognize phishing messages or pay heed to our Five simple ways you can protect yourself from phishing attacks.