Here’s a ‘same old story’ we hear often:
During a transaction with a regular client, an email is received requesting a change in wiring instructions. The email chain appears to originate from the same client as always. The wiring instructions are changed and large sums for one or more invoices are sent via the new path. Some time later the client reaches out to request payment of those same invoices. Only then is it uncovered that fraud has taken place and the payments went to an unknown account. The money is gone.
While there are a few ways this can happen, we often find that the ultimate source is a weak email password. (Email spoofing is also common; we will address it at another time.) Someone's email account was compromised, and a third party has been reading along, waiting for an opportunity to insert themselves into a transaction. This type of attack can be difficult for small and medium businesses to detect before it is too late.
What can you do?
Some basic (and inexpensive) things you can do to help prevent these attacks are as follows:
Have strong passwords that are updated regularly.
You don't want a third party reading your emails or pretending to be you. Your passwords, therefore, should be strong and updated regularly. We know that no one likes to update passwords, but is skipping it worth losing a few hundred thousand dollars?
Implement user training solutions for employees.
Your team members should be looking for 'out of the ordinary' indicators in their email correspondence. Has the tone or demeanor changed? Are there new grammatical errors? How does the email signature look? All in all, employees cannot watch for a threat unless someone has explained it to them.
Have policies in place to confirm changes to wire instructions.
Put simply, do not accept a change to wiring instructions over email alone, and do not follow up about the change using a phone number provided in the email. Anyone receiving instructions to change wiring information should pick up the phone, call the client on the number already on file, and receive confirmation over the phone. Make this a policy in your organization and you will save hundreds of thousands of dollars.
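As an added illustration of the two points above (watching for out-of-the-ordinary wire-change requests, and confirming only via the number on file), here is a small triage helper; it is example code written for this post, not a Tuearis tool, and the vendor record, domain and phone numbers in it are constructed.

```python
import re

# Constructed vendor master record (assumption: your organization keeps one), holding
# the contact details that were verified out of band when the relationship began.
VENDORS_ON_FILE = {
    "acme-supply.example": {"name": "Acme Supply", "phone": "+1 555 010 0100"},
}

# Phrases that typically accompany a request to redirect payment.
WIRE_CHANGE_TERMS = ("wiring instructions", "wire instructions", "new bank",
                     "updated account", "new account number", "remittance details")


def _digits(number: str) -> str:
    """Strip formatting so numbers written differently still compare equal."""
    return re.sub(r"\D", "", number)


def _same_number(a: str, b: str) -> bool:
    """Compare the last ten digits, ignoring country code and punctuation."""
    return _digits(a)[-10:] == _digits(b)[-10:]


def triage_wire_change(email: dict) -> dict:
    """Return flagged / action / reasons for an inbound email.

    email has keys 'from', 'subject', 'body'. The decision follows the policy
    in the post: a change of wiring instructions is never accepted on the
    strength of the email, and any callback number the email offers is not
    trusted, even if it happens to match the record on file.
    """
    text = f"{email['subject']} {email['body']}".lower()
    if not any(term in text for term in WIRE_CHANGE_TERMS):
        return {"flagged": False, "action": "normal processing", "reasons": []}

    reasons = ["email requests a change to wiring instructions"]
    domain = email["from"].rsplit("@", 1)[-1].lower()
    record = VENDORS_ON_FILE.get(domain)
    if record is None:
        reasons.append("sender domain has no vendor record on file")
        return {"flagged": True, "action": "hold payment; escalate to finance lead",
                "reasons": reasons}

    # Numbers offered in the email were chosen by whoever wrote it.
    offered = re.findall(r"\+?\d[\d\s().-]{7,}\d", email["body"])
    if offered and not any(_same_number(n, record["phone"]) for n in offered):
        reasons.append("callback number in email differs from number on file")

    action = f"hold payment; call {record['name']} at {record['phone']} (number on file) to confirm"
    return {"flagged": True, "action": action, "reasons": reasons}
```

Note that a matching callback number does not clear the request: the action is always to hold the payment and call the number on file.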
Reward suspicion and have a ‘security culture.’
What is more valuable in your organization: completing transactions quickly, or doing the due diligence that ensures transfers are secure? What you reward is what your team will give you. Reward those who go out of their way to be careful. Discuss the threats openly. Make it known that security is something the organization is extremely concerned about.
Business Email Compromise is real and wire fraud is happening every day. Do not put off preparing, or you will likely be calling a cyber team with this 'same old story'!
If we can help secure your network, the cyber team at Tuearis Cyber is standing by!