Cyber Threat Alert

Fraudulent Funds Transfer Friday - Labor Day Weekend

Friday afternoon over a long holiday weekend creates the perfect storm for cyberattacks. 

Now more than ever, companies need to implement procedures that will help them prevent and protect their bottom line from devastating funds transfer fraud or invoice manipulation. Businesses need comprehensive Stand-Alone Cyber Insurance to cover cyber losses they do not prevent.   


It is Friday afternoon before Labor Day weekend. Most of your team has already left except for a member of your financial accounts team. He receives an email that appears to be from you, asking for funds to be wired to a different bank account number and routing number today.  

As agreed in your dual control procedures, he gives you a quick call but reaches your voicemail because you are on a flightYour employee transfers the funds to the new bank account, logs off, and begins his holiday weekend.  

Upon arriving at your destination, you hear the voicemail message, but it is too late -- the funds are long gone.  

Next, you contact your bank, after hours, and leave a voicemail message about what happened. Their recorded message indicates that they will reopen on Tuesday at 9 am after the holiday weekend, wishing you a pleasant holiday weekend. 

While your team is enjoying some fun in the sun, fraudsters are enjoying your funds. 


Friday afternoon is a target day for fraudsters, even more so before or during a long holiday weekend, when employees and consumers are in a rush to complete last-minute transactions.

These attacks typically target employees in accounting functions. Impostors pose as the CEO or CFO (when they are out of the office) in an email (or call or text message) with an urgent message to transfer funds to a new bank account by the end of business. With the executive out of the office, the employee is unable to authenticate the transaction and carries out the executive’s instructions.

Social Engineering by cyber thieves grows ever more sophisticated, allowing them to investigate and research employees’ work habits, schedules, and personality traits to make the fraudulent request highly believable. This attack vector is commonly known as Spear Phishing because it targets an individual for a specific mission, deceiving them to take part in the theft of funds -- which can range from a few thousand dollars to a few million dollars.

Even more concerning is when impostors use an employee’s email account to send a fraudulent invoice payment request to a client or vendor. This attack vector is commonly referred to as Invoice Manipulation because it targets an employee’s email account and manipulates clients or vendors into paying the funds due to a fake bank account. The company may not discover the fraud for days or weeks later, and the money is long gone. With invoice manipulation, hackers defraud your client or vendor, and liability issues can arise regarding where the fault lies.

Defending against Funds Transfer Fraud requires cybersecurity prevention techniques as well as cyber risk transfer to a robust Stand-Alone Cyber Insurance policy that has evolved to include both funds transfer fraud and invoice manipulation.


Stand-Alone Cyber Insurance is your go-to option when you are looking to transfer some of your cyber risk (i.e., risk that you cannot fully mitigate):

  • Social Engineering, Funds Transfer Fraud, and Invoice Manipulation coverage

  • Ransomware or cyber extortion coverage, including ransom payments and data recovery or restoration

  • Data breach coverage, including direct first-party costs such as incident response, and third-party liability damages in a claim or lawsuit

  • Business interruption coverage, including loss of profits and extra expenses incurred during a shutdown of your computer network

  • Employee training and educational tools, such as phishing email testing, to help prevent attacks and protect your network, system, and data.


  • As employees and consumers, we may find dual authentication to be an inconvenience. Yet, security measures will save you time and money by preventing a cyber loss:
    • Dual Control or Two-Factor Authentication (2FA) -- A security procedure that requires two people to authenticate a bank wire or funds transfer before it is finalized.

    • 2FA -- is accomplished by a phone call to the bank wire recipient, verifying the transaction with an executive, or implementing formalized procedures with a financial institution.

    • 2FA -- is accomplished by verifying that the sender’s email address is valid and reviewing the message for grammatical errors or inconsistencies. If your gut tells you it is fraudulent, question the authenticity and double-check.

    • 2FA -- is accomplished by asking your clients, vendors, or customers to validate invoice requests to change payment details via email.

  • If you become the victim of a funds transfer fraud, contact your financial institution to initiate a SWIFT recall.


This article is made available for informational purposes and is not intended to be a substitute for professional or legal advice. No attorney client relationship is formed or implied between you and the authors(s) or Cyber Armada Insurance.
Cyber Armada Team
Posted by Cyber Armada Team on Sep 3, 2020 10:50:26 AM

Apply for Cyber Insurance Online

Answer a few questions online and Cyber Armada will design a cyber insurance policy tailored to your particular needs.

Apply Online
Apply for Cyber Insurance
Schedule an appointment with Cyber Armada

Can we talk?

We're ready to talk when you are. You can schedule an appointment to speak with a representative from Cyber Armada when it is most convenient for you. Whenever possible we use online meetings to increase productivity and increase the amount of time we can spend with you. We use Zoom Meetings as our preferred video conferencing platform.

Schedule Appointment