Protecting Against Wire Fraud and Man in the Middle Schemes
Thursday, February 7, 2019
protecting against wire fraud, phishing, scammers
Print Mail Download i

The scammers continue to find easy ways to dupe unsuspecting businesses into sending information or money to them. It used to be that we had to address vast fraud schemes with phishing emails requesting the W-2s of employees. That is child’s play now as most companies are aware of the scheme and don’t fall victim to it.

Similarly, in the past year, we have seen a dramatic increase in wire fraud and man in the middle schemes. These schemes usually start with a sophisticated phishing email that an employee clicks that looks like it is from a trusted vendor, who has spoofed the signature line of the vendor and asks the employee to pay the outstanding invoice.

During the email trail, which can go back and forth on multiple occasions, the intruder will tell the employee that when they pay the outstanding invoice, the vendor has changed its bank account and wiring instructions, or is switching from the old paper check system to ECH and to use the wiring instructions in the email.

The money is wired per the email instructions to a legitimate bank in another state (that the hacker has opened online with someone else’s identity) and by the time the company finds out, the account has been drained. Sometimes the account can be frozen (usually within three days), but it is rare that the company knows in time to notify the bank and request that the account be frozen.

In this day and age, wiring instructions provided by email should never be trusted. If anyone requests payment to a new bank account or through ECH, major red flags should go up. Any requests should be confirmed in another way to properly authenticate the request, such as a telephone call to a known contact.

The hackers spoof the signature line of a known contact and put their own email and telephone number in the signature line, so when the employee calls to authenticate the instructions, the hacker is on the other end of the line. Those checking authentication should not email the hacker back through the existing email chain but should start a new chain to the trusted contact, and not call the telephone number in the signature line, but the telephone number that the employee looks up separately in existing contacts or on the company’s website.

You all know that my mantra these days is for employees to be “wicked paranoid.” Those handling wires in your company should be aware of these schemes, be educated about them to be prepared for them and be wicked paranoid.

Copyright © 2024 Robinson & Cole LLP. All rights reserved.

Current Legal Analysis

More from Robinson & Cole LLP

Privacy Tip #395 – GM Faces Class Action for Collecting + Disclosing Drivers’ Data Without Consent
by: Linn F. Freedman
AI, Government Contractors, and Employment Discrimination
by: Data Privacy & Cybersecurity Robinson Cole
Chicago’s Application of Parking Regulations Violates RLUIPA
by: Eden (Hunter) Yerby
The Department of Education Releases Significant Revisions to Title IX Regulations
by: Kathleen E. Dion , Seth B. Orkand
Privacy Tip #394 – Colorado Amends Privacy Law to Include Neurodata
by: Linn F. Freedman
New Threat: Scattered Spider International Coalition of Hackers
by: Linn F. Freedman
Joint Guidance Published by Five Eyes on Deploying AI Systems Securely
by: Linn F. Freedman
U.S. Government Intervenes in Case Alleging Unauthorized Disclosure of CUI
by: Data Privacy & Cybersecurity Robinson Cole
DoorDash Settles with California Attorney General for Alleged Violations of the CCPA
by: Kathryn M. Rattigan
The State of AI Governance and Diversity: Takeaways from the AI Index Report
by: Blair V. Robinson

Upcoming Legal Education Events

 

NLR Logo

We collaborate with the world's leading lawyers to deliver news tailored for you. Sign Up to receive our free e-Newsbulletins

 

Sign Up for e-NewsBulletins