The FBI’s Internet Crime Complaint Center (IC3) reported that Internet crime complaints increased by 70% in 2020 with internet losses and scams over $4.2 billion. Hackers use email phishing and fraudulent wire transfers as some of the most popular ways to steal money from businesses. Thankfully, there are practical strategies to implement in 2023 to keep your business protected from these common scams.
Why are these scams so common, and so costly? How can a hacker get access to your business email account? How do businesses fall victim so often to fraudulent wire transfers? Hackers and scammers are very talented and motivated at tricking individuals into directly wiring them hundreds of thousands of dollars. Even Google and Facebook have fallen victim to this type of cybercrime. Small and medium business owners are prime targets of email phishing and wire transfer fraud, so taking proactive measures is critical to keeping your business safe.
A typical wire transfer fraud starts with a business email account getting compromised through an email phishing attack or a compromised password. Once the fraudster gains access to the business email account, it can monitor and intercept legitimate emails about planned wire transfers. At exactly the right time, the hacker impersonates the email owner or vendor arranging a wire transfer and updates the financial account information to the hacker’s own bank account.
This scenario may sound very far-fetched and like it may never happen to you. That’s exactly what hackers want you to think. They hope you will remain complacent and ignore cyber risks so they can get their hands on your hard-earned money.
Here are 4 strategies to implement in 2023 that can help keep your business protected by preventing fraudulent wire transfers.
1. Keep Your Business Email Secure
The best way to prevent yourself from being tricked by an email spammer is to safeguard your business email with multiple layers of cyber security protections. A complex password is a great first step, but if that password gets stolen, a hacker has access to all your emails. Adding another layer of multi-factor authentication is a FREE option available with all Microsoft 365 accounts and provides another block for hackers.
2. Have Financial Controls & Processes in Place for Wire Transfers
When you are setting up and changing wire transfer information for your business vendors, make sure to have processes and controls in place to prevent errors and stop scammers in their tracks. Some examples include NEVER using email to set up wire transfers and always confirming by phone with a known and independently obtained phone number of the sender. When your business assumes that every possible step in setting up wire transfers can be fraudulent, you’re staying vigilant and keeping hackers at bay.
3. Always Be Aware of Signs of Possible Fraud
If something looks suspicious, make sure you take action to verify information! Pay attention for stilted or incorrect grammar, inappropriate capitalizations, spelling errors, incorrect punctuation, and subtle address changes (ex: lower case “i” instead of lower case “l”). Carefully inspect the email address and contact information of the sender of any wire instructions – this is a red flag for an email phishing spoofing attack.
4. Have Cyber Insurance in Case the Worst Happens
If you do fall victim to an email account compromise and a wire transfer fraud, the first thing to do is to contact the institution receiving the wired funds and the FBI’s Internet Crime complain Center (IC3). If the fraud is quickly detected within a few hours, the bank or the FBI might be able to recover the money. Unfortunately, not all fraud is quickly detected, so an up-to-date cyber liability insurance policy is critical. This type of insurance can cover monetary loss from cyber fraud. This insurance is not just a quick check written to your business for all funds lost, however; there are regulations and policies as to what may or may not be covered depending on your policy and cyber security protections used in your business.
Stay ahead of cyber criminals by implementing these strategies. Cyber criminals are waiting for your team to make one small mistake that can lead to a compromised business email account and fraudulent wire transfer. Start off 2023 strong and take your business’s cybersecurity seriously.
