Understanding & Preventing Wire Fraud

Wire fraud causes millions in losses each year and is a growing problem for small businesses.

Here are the key things to know about this crime:

• It occurs when a cybercriminal poses as a trusted source to initiate a fraudulent transfer of funds.
• The victim believes the transfer is legitimate, but the funds actually go to the criminal’s account.
• It is often accomplished by someone attempting to trick you (social engineering) in conjunction with business email compromise.
• The cybercriminal may also use urgency as a tactic to emotionally manipulate victims.

The good news is: Preventive measures can help to reduce this risk.

Let’s look at proactive solutions to two common scenarios and some additional best practices.

Scenarios & Solutions

Scenario One

A company’s CFO receives an email he believes is from the CEO. It contains an urgent request to wire funds, along with payment
instructions. The CFO completes the transfer, only to discover the email was fraudulent. The funds were transferred to an unknown account and never recovered.

Solution: The CFO always calls the CEO to verify requests to wire funds.

Scenario Two

A company’s accountant receives an email with an invoice and wire instructions from a legitimate business partner. The accountant pays the invoice, only to discover that the business partner’s email account had been compromised earlier that week. The invoice contained altered account information, which caused the transferred payment to go to the attacker’s own account.

Solution: The company has a procedure in place to verify all new wire instructions and changes to existing wire instructions.

Best Practices: How Your Business Can Help Prevent Wire Fraud

Employee Education: Train your employees to expect, identify and report potentially fraudulent emails. Simple practices – such as double-checking addresses, and noting out-of-character tone or bad grammar – make for effective prevention.

System Testing: Enlist cybersecurity experts to regularly test your system for vulnerabilities and compromises.

Verification: Require employees to verify transfer requests and changes to wire instructions using two methods. For example, if a request comes via email, require phone verification to a known number (not a number included in the email).

Dual Control: Some companies choose to require two employees to authorize and sign off on any wire transfer or change to wire instructions.

Making the Complex Simple

Wire fraud is a growing risk for businesses, but there are effective ways to help prevent it.

Contact an SBU Risk Advisor today to begin a conversation about your cyber risk profile and how SBU can help you improve it.

Saginaw Bay Underwriters has made every attempt to ensure this information has been obtained from reliable sources. Current as of: July 2022.