Ransomware has built a fearsome reputation in recent years. It’s easy to understand why: attacks such as WannaCry and NotPetya have crippled businesses and cost untold billions in damages. It’s important, and necessary, to be sufficiently protected when it comes to modern attacks like ransomware, but don’t drop your guard when it comes to good-old-fashioned phishing and wire fraud.
The definition of wire fraud in the US is broad but can be succinctly described as anything transmitted electronically via interstate wires with the intent to defraud a recipient. These attacks can come by email, phone, TV, radio and even text messages.
How Does Wire Fraud Happen?
One of the most famous examples of wire fraud is the Nigerian prince scam wherein an exiled Nigerian prince emails the victim asking for bank information to safely secure his vast royal fortune from Nigerian banks, often promising some portion of the riches to the victim in return. There are many variations of this scam, but it’s usually a sad story combined with the request for bank information to stow millions of dollars.
In many modern attacks, the recipient doesn’t even need to willingly agree to hand over their bank credentials. Sophisticated email phishing scams will instead trick the recipient into clicking a mundane link or installing / downloading an infected attachment. These emails often appear to be legitimate communications from Facebook or Walmart or Apple. Once infected, the victim’s network will then be scoured for financial information.
Email is only one common method that criminals use to commit wire fraud. Automated phone calls and phishing text messages are other modern ways a victim could be scammed.
How Widespread is Wire Fraud?
Believe it or not, wire fraud cases are exploding. In 2017, the FBI received over 301,000 complaints with more than $1.4b in damages. Far and away the most damaging cybercrime was business email compromise with losses pegged at $6,676,151,185.
Think your business is too small to be a target? Think again. According to the Ponemon Institute’s report, 2017 State of Cybersecurity in Small and Medium Sized Businesses, 61 percent of small businesses experienced a cyberattack in 2017, up from 55 percent in 2016. In fact, 43 percent of all malware victims are small businesses. Too small to be a target? Small businesses are the prime target for cyberattacks.
Over the last two months we’ve met with two Connecticut based companies that were hit for $300,000 in fraudulent wire transfers. The typical move is to compromise management or finance email accounts and start monitoring emails. Once an understanding of clients, vendors, invoices and bills has been gained they step into action either redirecting legitimate transactions or creating dummy invoices and depositing the funds into their bank account. They then sweep the money out and the trail goes cold. It is exceptionally rare that any of these funds get recovered. In most cases the best you can hope for is your cybersecurity insurance policy (you have one right?) covers the losses and the cleanup. If you (or your IT provider) didn’t do your due diligence preventing these activities you may be left with all of the exposure.
What Can Be Done to Prevent Wire Fraud?
Only 51 percent of small businesses allocate funds toward cyber security. To combat this growing threat, businesses owners must get tough. Company-wide training, smart institutional policies and even simulated phishing drills go a long way to protecting your organization. It’s not worth putting it off: 6 percent of small businesses are unable to recover from a cyberattack and subsequently go out of business.
In addition to protecting yourself with comprehensive education and strategies, enhanced security technology can fortify your network and drastically reduce the likelihood that you will be a victim of wire fraud. The best protection you can put in place is an IT support partner that understands your risk exposure and mitigates it.
Do More To Combat Wire Fraud
Want to find out about the best technologies to combat wire fraud and other cyber attacks? Fill out this form to get our FREE SecureIT fact sheet from I-M Technology sent straight to your email to learn more.