Dura-Tech joins together with LeadingIT Learn more
Our knowledgeable team will support you organization, allowing your staff to get the most out of your technology.
We implement layers of protection to ensure your organization is secure.
Using best practices, we proactively protect your organization from becoming a victim of cybercrime.
As a Datto Blue Diamond Partner we secure your data with industry leading backup and disaster recovery solutions.
LeadingIT understands the technology needs of your business and offers computer, network and cybersecurity support to help you get the most out of your technology.
Read why businesses small and large across Wisconsin, Illinois and Indiana choose LeadingIT.
Working at LeadingIT means joining a group of people obsessed with taking on the real challenge of cybersecurity and helping businesses.
Stay up to date on the latest security threats your business faces and get tips on how to stay protected and informed.
This particular scam, a cybercriminal often impersonates an executive and sends a “spoofed” email to a carefully selected target that generally has access and authority to transfer large sums of money on behalf of the company. Unlike traditional phishing schemes, these scams are well researched. Successful hackers surf social media sites of the target employee, review corporate web pages for contact information, and read professional writings to gain insight into the corporate culture as well as the individual characteristics of the target employee. The objective is to convince the targeted employee to send money.
In fact, there have been more than 8,000 victims and $800 million in losses, according to the FBI. There has been a significant increase in the frequency of wire transfer scam attacks against accounting functions. Read this now or risk losing thousands (if not more).
Wire transfer fraud: Is your company vulnerable?
Potential issue: Companies use email, which when implemented without authentication services can lead to email spoofing or forgery. Criminals can and regularly do take advantage of the inherent weakness of email systems. Further, many corporations do not have business process workflow systems for initiating and approving wire transfers including a process for authenticating requests.
Unfortunately, many organizations rely too heavily on telephone or email communications as part of their wire transfer workflow. When it comes to an email initiation and approval of a wire transfer, criminals may have an opportunity to initiate wire transfers for their benefit. When that happens, thousands of dollars can be lost through fraudulent wire transfers.
Potential methods of compromise:
Social engineering: Criminals acquire information about prospective victims and trick people, such as customer service agents, corporate executives, advisors, and corporate attorneys to help them complete a wire transfer.
Spear phishing: Criminals target individuals within an organization that they have identified, perhaps through social engineering, as potentially responsible for wire transfer processes.
Masquerading: The takeover of an email account, usually a senior executive. The criminal can take over a legitimate email account or create a fraudulent email account that appears to be legitimate. Then the criminal “masquerades” as the executive and requests the wire transfers to take place.
Spoofing: creation of email messages with a forged sender address. It is easy to do because the core protocols do not have any mechanism for authentication. Spam and phishing emails typically use such spoofing to mislead the recipient about the origin of the message.
“Want more IT security strategies? Download our free report, The 7 Most Critical IT Security Protections Every Business Must Have In Place Now To Protect Themselves From Cybercrime, Data Breaches And Hacker Attacks.” Click here to get instant access:
©2022 LeadingIT. All Rights Reserved.