The great money transfer scam – and how to avoid it

The great money transfer scam – and how to avoid it appeared first on www.nimbuscs.com

Money transfers are the lifeblood of any business, allowing them to quickly pay bills and get paid – and many think they’ll never fall victim to a scammer requesting cash. But the reality is that rising numbers of companies are being targeted, and hit hard. It’s especially true for small firms, which are a particular favourite of the scamming criminals.

How are they managing to dupe companies into transferring cash? The answer is simple and highly effective – just by using email. They might, for instance, pretend to be one of your suppliers and use one of their email addresses to mail your company and ask for payment. Who’s going to check to see if the mail is legitimate? The average SME is way too busy to even think about it.

The key to discovering this deception is to check the reply email address; if the reply to address – usually a common web-based service, such as Gmail and others – is different to the from address then alarm bells should definitely be ringing.

More sophisticated cyber criminals will typically hack into a company’s email account and go through their mail to work out the most potentially rewarding targets. Then it’s a matter of conning people with a fake email conversation, and, again, it’s just so easy to do.

Like any criminal, the scammers employ a range of psychological tricks so as not to arouse suspicion. You can expect their initial emails to be short and casual, and the sender will often pretend to be the business owner or some other figure of authority. They’ll send emails to a member of staff, and the staff member will feel they are doing their duty when they comply with the demands. Sound far-fetched? Check out the movie Compliance.

Then, if the money transfer is not immediately forthcoming, they’ll add an element of urgency to it, by saying something like “I need to do this quickly”. It’s easy to fall into the trap and just send the money, because the scammer will seem like they know everything about your business. A few online searches is all it takes to get that information, though, as nowadays there’s so much information on the internet about companies.

If the requested money is transferred, it will be all but impossible to get it back. The criminals normally use a number of accounts and transfer the funds from one to another so they’re hard to trace. The general rule here is to avoid transferring money based on an email conversation, and certainly never permit your staff to make any transfers without first having an offline go-ahead from you. In addition, Google the company you’re sending money to and phone them to confirm their bank details.

If you would like to know more about IT security and what steps you can take to prevent cyber fraud, get in touch with the experts at Nimbus in Northern Ireland today.