Holiday Weekend - Friday Funds Transfer Fraud
As a long holiday weekend approaches, typically on Friday afternoon, the business world slows down, employees lose focus, and many key staff leave early for the weekend.
Friday afternoon creates the perfect scenario for cybercriminals to manipulate employees into sending fraudulent payments through advanced social engineering techniques or invoice manipulation. Now more than ever, companies need to implement procedures that will help prevent and protect their bottom line from a devastating fraudulent funds transfer.
WHY THIS MATTERS
- Long holiday weekends are the most common time for fraudulent funds transfers.
- By the time the fraud is discovered, the weekend has passed, and the funds are long gone.
- Cybercriminals are using advanced social engineering techniques that are highly convincing.
- Sophisticated attacks send invoice payment requests from legitimate company email accounts.
- One fraudulent payment alone can cripple a business.
- Like many in the workforce, cybercriminals also collect their paycheck on Fridays.
The employee will receive an email from the CEO/CFO with an urgent message stating that an invoice needs to be paid by the close of business, with payment instructions included. With the executive out of the office, the employee is unable to authenticate the transaction and quickly issues payment to satisfy the executive's demand.
These payments can range from a few thousand dollars to a few million. By the time the fraud is discovered on Monday, the funds have been transferred through multiple accounts and the money is long gone.
Cybercriminals have become more sophisticated in their attacks by researching the employee’s habits, schedule, and personality traits to make the fraudulent request highly believable. This form of cybercrime is commonly known as Spear Phishing.
A new and scarier method of funds transfer fraud involves hacking an employee's email account to send a fraudulent invoice payment request to a client or vendor, commonly referred to as Invoice Manipulation. These attacks raise serious concern because the emails are sent from an actual company account, and the attacker deletes all correspondence without the user even knowing.
When the company follows up for their invoice payment days or weeks later, the fraud is discovered, and the money is gone. With invoice manipulation, your client or vendor is defrauded, and liability issues can arise regarding where the fault lies.
Defending against funds transfer fraud involves a combination of prevention techniques and risk transfer to a Stand-Alone Cyber Insurance policy that evolves with emerging risks, such as invoice manipulation.
Users must implement privacy and security measures now:
- Dual Control: Implement controls that require two users to authenticate funds transfers, either internally, through your financial institution, or through your ACH/Wire Transfer partner.
- When receiving payment requests through email, simply pick up the phone to validate the transaction with the sender, especially if the request is urgent. If the sender is unreachable, contact another executive at the company.
- Verify that the sender’s email address is valid and review the message for grammatical errors or inconsistencies. If your gut tells you it is fraudulent, question the authenticity.
- Ask your clients, vendors, or customers to validate invoice requests sent through email, especially if that is not your company's typical payment method.
- If you become the victim of a fraudulent funds transfer, immediately contact your financial institution to initiate a SWIFT recall.
Stand-Alone Cyber Insurance Solutions
Stand-Alone Cyber Insurance is your go-to option when you are looking to transfer some of your residual risk (that cannot be adequately mitigated):
- Social engineering, Funds Transfer Fraud, and Invoice Manipulation coverage
- Ransomware or cyber extortion coverage, including ransom payments and/or data recovery
- Data breach coverage, including direct first-party losses and third-party liability and damages
- Business interruption coverage, including loss of profits and extra expenses incurred during a shutdown of your computer network
- Employee training and educational tools to help prevent attacks and protect your network/data