Delivering Expert Cyber Security Solutions to small & medium-sized businesses

We focus on educating, transforming and protecting our clients from cyber threats

Learn About GoldSky

Addressing The Rapidly Growing Threat of Wire Fraud

As the digitization of financial services and transactions continues to surge, wire fraud has also become one of the fastest growing threats. Cybercriminals are devising various means and strategies for committing wire fraud. Fraudsters are looking for the slightest opportunity to breach wire instructions and commit fraud. Hence, making it difficult, unsafe, and insecure for businesses to initiate wire transfers without due diligence and best practices in place in order to avoid falling into the traps.

In this article, we shall look at wire fraud at a glance, some red flags to watch out for, and various measures that could be put in place to prevent wire fraud. We shall also recommend some tips and best practices to ensure that businesses do not fall victim to wire fraud perpetrated by cybercriminals.

WIRE FRAUD AT A GLANCE

Wire fraud disrupts the operations of businesses and impacts the reputation of companies. According to Federal Law 18, U.S.C. § 1341, wire fraud is any fraudulent activity that occurs via the telephone or internet with the intent to scheme someone out of money. Wire fraud attack is one of the most common cybercrimes, and in most cases, starts with email compromise attempts.

In a recent webinar, GoldSky featured various types of wire fraud and how to prevent them. I encourage you to go through the webinar for expert insight and clarity on the different trends, tactics, and procedures threat actors employ while conducting a wire fraud.

Red Flags to Watch-out For

Wire fraud is attractive to cybercriminals because it often involves the swift movement of a large sum of money.  A report released on March 21, 2021 by the FBI shows that internet crime complaints soared in 2020 by 69.4%, with 19.369 business email compromise (BEC) and email account compromise (EAC) complaints. It calls for a proactive and preventive approach to help figure out red flags before hitting the button to send any wire transfer.

Below are some red flags to watch out for whenever you are involved in any wire transfer:

  • Double-check the email address and ensure it is correct and coming from the right source.
  • Beware of a sense of urgency asking you to make a transfer immediately.
  • Do not respond to suspicious emails seeking to verify sensitive details – there is a great chance that such is a phishing email, and that is just one of the major avenues used to fully implement a wire fraud compromise. It is better to put a call through to confirm the source of the said suspicious email.
  • Always call to confirm if you notice or suspect anything different or out of the ordinary procedure.
  • Create and use templates or codes for communication, and do not send by email. It is a tactical approach in case the cybercriminal already has your credentials and access to your email.

PREVENTATIVE BEST PRACTICES FOR WIRE FRAUD

  • Never click on an unknown attachment or link to avoid downloading malware into your device.
  • Always use encrypted emails, transaction management platforms, or document sharing programs to share any sensitive information.
  • Carefully guide login details, access credentials, emails, and other services used for transactions.
  • Ensure regular purge of your email account, and archive all the important emails in a secure offline location.
  • Use a complex mix of letters, numbers, and symbols, or special characters for your passwords.
  • Consider using a password manager, and do not use the same password for multiple accounts.
  • Use two-factor authentication on your device when possible.
  • Avoid doing business over public, unsecured Wi-Fi.
  • Be vigilant and alert as the threat landscape is changing from time to time.

Furthermore, it is very important to have the proper IT security measures in place to help address the fast growing threat of wire fraud. Below are some IT security measures that will help prevent wire fraud within your organization:

  • Keep your antivirus software and firewalls active and up-to-date to avoid infiltration by cybercriminals.
  • Keep your applications, operating systems, and programs properly patched on time and up-to-date.
  • Carry out a regular backup of critical data, applications, and systems, and keep backed-up data in a separate offline database that is different from your current infrastructure.
  • Verify the legitimacy of applications before downloading them to avoid downloading and installing malware that is capable of breaching your privacy.
  • Look at links and text messages thoroughly, and do not click on links or texts from unknown senders.
  • Always review the applicable privacy policies and contracts with your attorney before engaging an outside IT service provider.

CONCLUSION

In today’s ever-changing threat landscape, malicious actors are devising newer and innovative methods to compromise businesses and organizations. Therefore, the issue of wire fraud is unfortunately here to stay. However, it is imperative for organizations to continuously collaborate with competent cyber-threat experts who are experienced in monitoring trends, tactics, and procedures used by wire fraud actors.

Secondly, whenever a potential wire fraud behavior is discovered within your corporate computing environment, it is necessary that system forensic measures are taken to preserve the affected system. In such cases, we advise engaging with IT Security experts or  consultants to begin a digital forensic investigation – this will help to determine the root cause of the wire fraud breach.

All in all, be sure to apply all the detective, corrective, preventive measures and best practices highlighted in this article to curtail the menace of cyber criminals perpetrating wire frauds. However, if your organization happens to become a victim of wire fraud, do not panic – understand that the actions to mitigate the situation will involve multiple skills and departments within and outside your organization, including your local FBI Internet Crime Complaint Center (IC3).