False rumours of a profit alert and executive dismissals put the skids under G4S shares on Wednesday.
A bogus statement was emailed to journalists falsely stating that the security service firm had discovered accounting errors. The false warning (suggesting G4S profits would be restated) was sent out in an email containing a link of what purported to be the security service firm's website.
Shares slid five per cent in the wake of the incident before it was revealed that the site was fake - cloned but on a different URL (G4S-plc.com) - and the profit warning was bogus. The bogus site was identical except for the inclusion of the bogus press release missing from the genuine domain.
The false release contained fabricated quotes as well as a telephone number of an answering machine posing as an automated message from G4S's press office. The hoax may have been created by fraudsters hoping to profit from a temporary dip in the value of G4S shares. A hacktivist motive is also conceivable, especially since G4S is both controversial and disliked by Anonymous types.
The hoax was perpetrated on the same day G4S issued an encouraging trading update, the Daily Telegraph reports.
G4S confirmed the press release was fake, quickly putting out a statement entitled "Fraudulent Website" designed to dispel any remaining confusion.
We have been made aware of a fraudulent website and press release purporting to be from G4S PLC which has been released to members of the media this afternoon. The website and the announcement contain wholly inaccurate information.
Please note that all official statements by the company are made via a Regulatory Information Service and are available on this website. Any statements made through other means should be treated with caution and may well be fraudulent.
The Telegraph reports that the hoax press release was full of grammatical and factual errors as well as spelling mistakes. In addition, the faux alert failed to appear on the London Stock Exchange's RNS, an official outlet used by listed companies to distribute releases.
The bogus release appeared at the same time G4S's finance chief - a man who'd supposedly been sacked over the fictitious accounting scandal - was actually taking part in a webcast with analysts. Despite these clues some journalists and market watchers were briefly taken in by the ruse, spreading the false rumour of financial troubles at G4S through Twitter and other social media outlets.
The bogus website - registered a fortnight ago with the Enom service and directed towards a server in Texas - has since been suspended.
Contain the domains
Rob Cotton, chief exec of of security consultancy firm NCC Group, said the incident offered lessons for other publicly traded companies.
“Making sure you’ve got the right internet domains is often dismissed by executives as simply a job for the marketing department," Cotton commented. "However, we’ve got an incident here that’s affected share price, and that’s going to send tremors right up to board level."
“A website might look the part, but how can we know that it’s trustworthy? In cases such as this, where the perpetrator has gone to such great lengths to recreate the original, it’s nigh on impossible," he added.
The addition of hundreds of further generic top level domains is only going to make the problem worse, according to Cotton. “No longer will cyber criminals have just .com and .co.uk at their disposal, they’ll have .xyz, .shop and .london," Cotton concluded. ®