Phishing and social engineering attacks to divert wire transfers or invoice payments are not new fraud techniques, but they have recently taken a back seat to ransomware as the greatest cyberthreat to businesses. However, over the past few weeks, we have seen a surge in new matters where the fact pattern is the same as it has been for almost a decade:
The email, of course, is not from the accounting department but from a fraudster. Sometimes the bad actor compromised an accounting department employee’s email account to find customers, steal invoices and gain an understanding of the cadence and manner of billing emails. Sometimes the bad actor compromised the customer’s email account for the same purpose and then used an email that looked enough like the vendor’s accounting department email address to trick the customer. But whatever the method of access and communication, the two entities share the same outcome: Money has been paid to bad actors, and it is highly unlikely that it will be recouped, even with law enforcement intervention.
Our team has handled hundreds of matters like this over the years, and businesses of all sizes continue to fall for this scam. One common theme of all these incidents is that most are preventable by employing certain policies, conducting awareness training and implementing low-cost technical measures.
How to Help Prevent Fraudulent Wire Instructions
Here are a few tips to lessen the risk that your business will fall victim to wire transfer fraud:
We have seen recent news stories about malicious attempts to convince clients or customers to wire money to fraudulent bank accounts. We value our relationship with you and want to provide you with information to help prevent such an incident.
First, we will never send you via email a request to wire or transfer funds to a different bank account. Any request to change wire instructions will be communicated offline. We have not changed our bank accounts or banking relationships, and we have no intention of doing so in the future.
Second, if you receive an email from us that seems suspicious, please do not hesitate to call a known contact within our organization to confirm that the email is legitimate. You should use a known phone number to call the person, not the phone number from the suspicious email, as attackers sometimes change that information and route calls to a different person.
If you want to learn more about this type of scheme, the FBI has published several alerts over the past few years about business email compromise. These alerts can be found at https://www.ic3.gov/media/2019.aspx.
If you have any questions or concerns, please do not hesitate to contact [your dedicated point of contact] OR [name/contact information of designated person to respond to inquiries].
* * * *
How to Respond If You Discover You Are a Wire Fraud Victim
There are a number of practical concerns to address after a business discovers it has been the victim of a wire fraud scheme:
Determining What Insurance Covers: Whether insurance covers wire fraud depends on the policy. Your insurance broker can help you determine what coverage you have or could obtain for this type of loss and in what circumstances coverage responds.