On March 18, 2020, the Canadian Anti-Fraud Centre ("CAFC") released a bulletin warning Canadians that fraudsters are exploiting the COVID-19 global health crisis to commit fraud and cyber-crime. As a result of organizations transitioning their employees to work-from-home or remote access arrangements in response to the crisis, new vulnerabilities are appearing which existing IT infrastructures may not have contemplated.
Cybercriminals are now looking to take advantage of these vulnerabilities through a number of different scams. Wire fraud is a tried, but effective, scam fraudsters and cybercriminals often use to intercept large transfers of funds. In view of the ongoing crisis and the rise in related fraud, it is now more important than ever for organizations to consider what steps they need to take to avoid falling victim to wire fraud.
Often, the private equity industry and their portfolio companies become the targets of wire fraud. When firms announce deals to the public, they release the names of top executives and these executives become future targets for cybercriminals. Once a cybercriminal has compromised your organization's email, they wait for an opportunity to impersonate these executives and supply false wire requests or modify provided wire instructions. Alternatively, cybercriminals will extract investor lists along with their drawdown notices before modifying the bank details in the notice to direct funds to their own account.
The following are some protective measures your organization should consider to prevent wire fraud:
- Confirm who you are dealing with: One of the most effective ways to avoid wire fraud is to confirm any request or transfer instructions over the phone. This means confirming all account details and dollar amounts before the transaction occurs and following up to verify the recipient received the funds. It is also important to ensure you are using contact information that has been independently verified prior to the request for funds being made and not contact information provided with the transfer request (i.e., make sure you are speaking to the right person). False contact information included with wire transfer instructions is a common fraud technique.
- Implement safeguards: There are a number of technical and operational safeguards that organizations can implement, including: keeping operating systems and software up-to-date, installing security patches and updates as soon as they are available, installing appropriate firewalls and malware protection, incorporating appropriate administrative access controls, and implementing appropriate policies and procedures. Specifically, when it comes to work-from-home arrangements, organizations will want to ensure they have policies in place governing remote access arrangements. Our "Securing Your Organization's Information During Work From Home Arrangements" addresses these types of policies.
- Limit your employees' authority: It is unlikely that every employee needs the authority to approve wire transfers. Controlling who has the authority to respond to, receive and send wire instructions is a risk-minimization strategy that not only decreases the likelihood of your organization being the victim of wire fraud, but will shorten the list of people who can be responsible in the event it occurs.
- Watch for anomalies: You should be cautious of any last-minute changes to dollar amounts or account details, larger than normal transfers and multiple requests in the same day.
- Educate your employees: Your organization should continue cybersecurity training, particularly staff education regarding COVID-19 cyber-attacks. Cybersecurity threats such as wire fraud scams are often designed to take advantage of unsuspecting employees. The better trained your employees are in spotting the tell-tale signs of wire fraud, the more likely they are to prevent it. The value of cybersecurity training for employees cannot be overstated.
- Get insurance: Cybersecurity insurance is an effective way to mitigate against potential losses resulting from wire fraud. There are several insurance options available to organizations to provide some financial protection against the various risks and liabilities associated with cyber-attacks and wire fraud.
- Act quickly: If your organization is the victim of wire fraud, time is not on your side. Once the fraud is discovered you should consider taking the following steps:
  1) gather all information about the fraud including documents, receipts and copies of emails or other images;
  2) contact the financial institution that transferred the money;
  3) place flags on all of your accounts and change your passwords;
  4) contact the police; and
  5) report the incident to the Canadian Anti-Fraud Centre.
- Get the right help at the right time: In addition to obtaining executive buy-in and working with internal security, IT and legal teams, there are a range of external advisers, consultants, investigators, coaches and products available to help organizations preparing for or responding to a cybersecurity attack including wire fraud.
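
The "Confirm who you are dealing with" and "Watch for anomalies" measures above can also be run as automated checks before a wire is released. The following Python is an added example, not part of the original article or the bulletin; the record layout, the three-times-median threshold for "larger than normal" and all sample data are assumptions constructed for illustration.

```python
from dataclasses import dataclass
from datetime import date
from statistics import median

# Assumption: "larger than normal" = more than 3x the payee's median past transfer.
LARGE_FACTOR = 3


@dataclass(frozen=True)
class WireRequest:
    payee: str
    account: str    # bank details supplied with the request
    callback: str   # contact number supplied with the request
    amount: float
    day: date


def review(req, on_file, history):
    """Return the reasons a wire request should be held for phone confirmation.

    on_file: payee -> (verified account, verified phone), recorded before the request.
    history: earlier WireRequest objects already received for any payee.
    """
    flags = []
    past = [h for h in history if h.payee == req.payee]
    verified = on_file.get(req.payee)
    if verified is None:
        flags.append("payee has no independently verified record")
    else:
        account, phone = verified
        if req.account != account:
            flags.append("account details differ from verified record")
        if req.callback != phone:
            flags.append("contact number differs from verified record")
    if past and req.amount > LARGE_FACTOR * median(h.amount for h in past):
        flags.append("amount larger than normal")
    if any(h.day == req.day for h in past):
        flags.append("multiple requests in the same day")
    return flags


# Constructed sample data (not real payees, accounts or phone numbers).
ON_FILE = {"Acme Fund LP": ("CA-001-12345", "+1-555-0100")}
HISTORY = [
    WireRequest("Acme Fund LP", "CA-001-12345", "+1-555-0100", 100_000, date(2020, 3, 2)),
    WireRequest("Acme Fund LP", "CA-001-12345", "+1-555-0100", 120_000, date(2020, 3, 9)),
    WireRequest("Acme Fund LP", "CA-001-12345", "+1-555-0100", 110_000, date(2020, 3, 18)),
]
ROUTINE = WireRequest("Acme Fund LP", "CA-001-12345", "+1-555-0100", 115_000, date(2020, 3, 25))
SUSPECT = WireRequest("Acme Fund LP", "CA-009-99999", "+1-555-0199", 450_000, date(2020, 3, 18))
```

Any non-empty result means the request is held until someone confirms it by calling the verified number on file, never the number in the request.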