By Dan West, Brown & Brown of Detroit Commercial Insurance Advisor
In 2017, more business is conducted online and via email than ever before. While efficiency and convenience are improved, unfortunately wire transfer attacks are increasing. Many companies rely on wire transfers to efficiently complete transactions to keep their business running smoothly- so what can they do to decrease the risks involved and protect themselves from a loss?
The Danger of Wiring Money
Criminals are becoming more creative in order to exploit weaknesses in companies’ wire transfer procedures. Some companies might not have any protective procedures in place at all. By the time a company realizes a scam has taken place, the criminals and the money are often long gone.
- “CEO Fraud”: Criminal creates an email address that mimics that of a senior executive within the company and requests that an employee wire money to a bank account they control. According to the FBI, $215 million were scammed this way between October 2013 and December 2014.
- Criminals also use other types of phishing attacks that involve impersonation of a company’s employees or suppliers.
- Malware can be used to gain access to a company’s accounts.
Risk Control Strategies
- Increase organizational awareness of wire transfer fraud and provide frequent, consistent reminders to keep everyone aware of the dangers:
- Potential danger of communications from any source that requests payment to a bank account that hasn’t previously been used for legitimate transfers.
- Criminals commonly attempt to communicate using email addresses that are very similar to those used by the company or suppliers.
- Put policies in place to detect and stop fraud, including requiring that employees follow certain procedures:
- Use a two-method verification by requiring an employee to speak directly, via phone or in person, with any individual requesting a funds transfer via email.
- Carefully review all payments before they are sent and ensure all correspondence is validated and documented in a consistent manner.
- Establish a two-part authentication process with your bank, where a high-ranking executive within your company must be contacted to authorize transfers over a certain dollar amount.
- Implement technology solutions to scan for and identify suspicious emails that may constitute attempted fraud.
Wire transfer scams can affect any company. However, awareness, strict policies and procedures, and technology solutions can prevent an attempted attack from becoming successful. Contact a Brown & Brown insurance advisor at 586.977.6300 for more information on cyber risk management.