Business email compromise and related scams are causing huge losses. The FBI reports that between June 2016 and July 2019 global losses were over $26.2 billion and over $10 billion in the United States.
Fortunately, there are ways to reduce the chance of becoming a fraud victim and increase the chances of recovery. Law firm Locke Lord has laid them out in a recent newsletter (https://www.lockelord.com/newsandevents/publications/2012/03/WTF-Steps-to-Reduce-Wire-Transfer-Fraud-Risk).
First, there are technical steps:
- Ensure desktop and web applications use the same software.
- Legacy email protocols can be used to circumvent multi-factor authentication; consider if they are still necessary.
- Ensure changes to mailbox login and settings are logged and retained for at least 90 days.
- Enable security features that block malicious email.
- Enable multi-factor authentication for all accounts.
- Prohibit automatic forwarding of email to external addresses.
- Monitor the email (Exchange) server for configuration changes and for custom mailbox rules added to specific accounts.
- Create a rule to flag emails where "reply" and "from" addresses differ.
- Add an email banner to messages from outside the organization showing they are from an external sender.
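As an added illustration of the last two technical steps (and of the domain-misspelling check mentioned under employee training below), here is a small Python script that is not part of the Locke Lord newsletter. It parses constructed sample messages with the standard library's email package, flags a Reply-To address that differs from the From address, and prefixes the body of mail from outside the organisation with an external-sender banner. The internal domain list, the banner text and the three sample messages are assumptions made for the example.

```python
import email
from email import policy
from email.utils import parseaddr

# Assumption: the organisation's own mail domains (hypothetical value).
INTERNAL_DOMAINS = {"example.com"}

# Assumption: banner text prepended to external mail.
EXTERNAL_BANNER = "[EXTERNAL] This message came from outside the organisation."


def _address(header_value):
    """Bare, lower-cased address from a header such as 'Name <user@host>'."""
    return parseaddr(str(header_value or ""))[1].lower()


def _domain(address):
    """Domain part of an address ('' if there is none)."""
    return address.rpartition("@")[2]


def analyze_message(raw):
    """Parse one RFC 5322 message and return the findings a mail rule would act on."""
    msg = email.message_from_string(raw, policy=policy.default)
    from_addr = _address(msg.get("From"))
    reply_to = _address(msg.get("Reply-To"))
    return {
        "from": from_addr,
        "reply_to": reply_to,
        # Rule 1: a Reply-To that differs from From redirects the victim's answer.
        "reply_to_mismatch": bool(reply_to) and reply_to != from_addr,
        # Rule 2: any sender domain not in our own list is external.
        "external": _domain(from_addr) not in INTERNAL_DOMAINS,
    }


def render_with_banner(raw):
    """Return the text body, prefixed with the banner when the sender is external."""
    msg = email.message_from_string(raw, policy=policy.default)
    body = msg.get_body(preferencelist=("plain",))
    text = body.get_content() if body is not None else ""
    if analyze_message(raw)["external"]:
        return EXTERNAL_BANNER + "\n\n" + text
    return text


# Constructed sample messages (not real traffic).
# The From address looks internal, but replies would go to a lookalike domain
# (example.net instead of example.com): rule 1 catches what rule 2 cannot.
MSG_LOOKALIKE_REPLY_TO = """\
From: Chief Financial Officer <cfo@example.com>
Reply-To: cfo@example.net
To: accounts-payable@example.com
Subject: Wire instructions
Content-Type: text/plain; charset="utf-8"

The account details for this month's payment have changed.
"""

MSG_INTERNAL = """\
From: Alice <alice@example.com>
To: bob@example.com
Subject: Lunch
Content-Type: text/plain; charset="utf-8"

Noon?
"""

MSG_VENDOR = """\
From: Billing <billing@supplier.example>
Reply-To: Billing <billing@supplier.example>
To: accounts-payable@example.com
Subject: Invoice 1042
Content-Type: text/plain; charset="utf-8"

Invoice attached.
"""

if __name__ == "__main__":
    samples = [("lookalike", MSG_LOOKALIKE_REPLY_TO),
               ("internal", MSG_INTERNAL),
               ("vendor", MSG_VENDOR)]
    for name, raw in samples:
        print(name, analyze_message(raw))
        print(render_with_banner(raw))
```

The first sample shows why the two rules complement each other: the From address sits in the organisation's own domain, so the external banner alone would not fire, but the Reply-To mismatch does. In a production filter these checks would run on the mail gateway, and the mismatch finding would be surfaced to the recipient rather than silently logged.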
Have policies with your bank to verify transactions to new accounts or above designated thresholds, and steps in the event of a misdirected electronic payment. Have written agreements with customers, clients and vendors to verify account changes or payments above threshold, including contacts. Contracts should allocate responsibility and indemnification for misdirected payments.
Payment processes should flag new or unexpected details, including confirming them with an independent contact over a different channel from the one the instruction arrived on. Audit accounts for unexpected transactions or new details.
Employees must be trained to spot fraudulent emails. Read addresses closely, including domain names, to check for misspellings. Check the tone, grammar, vocabulary and spelling, including proper names, for anything unusual. Use of "British" rather than American English may be a clue that the sender is an impostor. Resist pressure to act immediately.
If you are tricked into a wire transfer fraud, the sooner you discover and respond, the better. Your response plan should include a contact list: banks, the FBI, police and insurers. Make sure the plan is current.