While businesses of all sizes are targeted by cybercriminals, small- to medium-sized companies are often the biggest targets because they are less likely to have strong security safeguards. By employing various methods like phishing emails, compromised websites and malware, fraudsters have expanded their efforts to steal your confidential information and valuable funds.
Understanding Wire Fraud
Simply put, wire fraud is a scheme that attempts to defraud or obtain money based on false representation or promises. While situations may vary, the basic concept remains the same:
- The criminal contacts the customer with a fraudulent wire transfer request.
- The customer initiates a wire transfer request without proper verification to ensure the request is legitimate.
- The bank receives the transfer request from the customer.
- Funds are wired to the criminal’s account and may never be recovered by the customer.
Verify, Verify, Verify
By keeping a few precautions in mind, you may save yourself and your business from becoming the unsuspecting victim of wire fraud. Keep these tips in mind:
- Verify changes in vendor payment locations and confirm requests for transfer of funds. Contact the email sender or vendor—in person or by using a known telephone number—after receiving instructions to change where your funds are sent. Never initiate any changes based only on email communication or respond to the email request directly. Also, take notice of red flags like bad grammar and spelling mistakes in the email.
- Implement a call-back verification process when setting up payments for new vendors or making changes to existing vendors. Fraudsters frequently impersonate company executives to convince employees to transfer funds. By implementing a call-back verification process, you can ensure the request is authentic.
- Investigate unique requests for payment that are out of the ordinary payment arrangement by confirming them by phone with the vendor.
- Distrust any requests for secrecy or pressure to act quickly.
- Consider financial security procedures that include a two-step verification process for ACH and wire transfer payments. This process helps protect your identity and money.
- Create an intrusion detection system with rules that flag emails with extensions that are similar to company email but not exactly the same. A relatively small difference in an email extension (such as “.co” instead of “.com”) or a few letters switched in a company name (like “abccompany.com” becoming “acbcompany.com”) can direct your email from a real business to a scammer.
If you think you might be a victim of wire fraud, contact your Busey Treasury Management team, local Busey branch or our Customer Care team immediately by visiting busey.com or calling 1.800.67 | Busey.
For additional tips on avoiding wire fraud and other online scams, visit the Information Security section of Busey’s Money Matters blog.