Tips to Protect Your Business from Electronic Fraud Schemes
RICHMOND, Va. (WWBT) — Cybercriminals are getting so crafty that even top universities like Virginia Commonwealth University can be tricked into dropping thousands of dollars in a wire fraud scheme.
Nigerian cybercriminals have successfully completed a Business Email Compromise (BEC) by finding a vendor that a company or business regularly deals with. In the case of VCU, it was a construction company with which the university had an ongoing contract.
In this type of email fraud, scammers need to create an email address that seems convincing enough to be the company they are presenting in order to take advantage of existing email chains to give an extra level of trust. From there, they just have to play the long game. Nigerians involved in this particular scam have used this method to bleed several institutions out of millions.
VCU lost nearly $500,000, but fared much better than the other victims in this case. According to the FBI, a university in North Carolina transferred nearly $2 million to scammers under the same scheme. In Texas, a Houston-based college, construction company, and government entities lost a combined total of more than $3 million.
While it might seem unlikely that a university could fall victim to BEC, cyber expert Alex Nette says there’s so much money coming out of it that some accountants might not hesitate to fire the BEC. ‘silver. Scammers know this, and that’s why they take advantage of it.
“As long as you use the internet, you are at risk. Whether it’s business, college, or just your family back home,” Nette said. “What we focus on as a company is how to keep your information safe online for businesses and consumers.”
Nette, CEO of a digital security company Hive systems in Richmond, says no person or company is too big or too small to fall for these schemes as long as your information has vulnerabilities.
“The best thing about the internet is that it connects us all, but the worst thing about the internet is that it connects us all,” Nette said. “The biggest thing playing against us right now is the speed at which we do business.”
Nette says the scammers hide behind a screen here or elsewhere, just waiting for you to let your guard down. But he says we can slow down these criminals just by picking up the phone to verify you’re dealing with a real company.
“Call this company. Say, “I just received an email from you, and I would like to confirm that there is a new place where I should wire money…” Nette said. “Taking all of this information and stopping this cycle of abuse by simply picking up the phone can only make this less of a problem for all of us.”
In the case of VCU, a university spokesperson said that thanks to the insurance, the university was able to recover a significant part of the money and that additional guarantees were put in place to protect itself. against this type of fraud. But Nette says a simple phone call could have made the difference to the university not losing anything.
BEC scammers may also attempt to impersonate an individual by hacking their information and impersonating the victim from their contacts, leveraging trust in the victim’s email to deceive relatives or colleagues.
Nette indicates that you should also protect yourself from this method by ensuring that you do not use the same password for multiple accounts and by implementing two-step authentication to access your accounts.
“No one is safe, and that’s the biggest idea behind cybersecurity,” Nette said.
Although the money lost to VCU and the other victims of the $5 million wire fraud scheme may be a drop in the ocean, the consequences of being a victim of this type of crime can be devastating for individuals and small businesses. In most cases, since large sums of money are frequently transferred to multiple domestic and foreign accounts, there is little chance that a victim will ever see any trace of that money again.
The advent of cryptocurrency has made stolen funds even less likely to be traced and recovered unless that money is insured.
Nette says six out of 10 small businesses that suffer from BEC go out of business because they don’t have the insurance policies or the cash flow to handle the financial loss.
“While there are all kinds of companies with tools and ticks to reduce this risk, this risk is always present,” Nette said. “That means we all need to take steps to protect ourselves.”
How to protect yourself:
- Be careful about what information you share online or on social media. By openly sharing things like pet names, schools you attended, links to family members, and your birthday, you can give a scammer all the information they need to guess your password. password or answer your security questions.
- Don’t click anything in an unsolicited email or text asking you to update or verify your account information. Find the company’s phone number yourself (don’t use one provided by a potential scammer) and call the company to ask if the request is legitimate.
- Carefully review the email address, URL and spelling used in any correspondence. Scammers use slight differences to trick your eye and gain your trust.
- Be careful what you download. Never open an email attachment from someone you don’t know and be wary of attachments forwarded to you.
- Set up two-factor (or multi-factor) authentication on any account that allows it, and never disable it.
- Check payment and purchase requests in person if possible or by calling the person to make sure they are legitimate. You must verify any change in account number or payment procedure with the person making the request.
- Be especially careful if the applicant urges you to act quickly.
For more resources on how to keep yourself or your businesses, click HERE.
Copyright 2022 WWBT. All rights reserved.
Send it to 12 here.
Want the best NBC12 stories in your inbox every morning? Subscribe here.