Funds transfer fraud (FTF) is a cybercrime that uses deception to get a business to transfer money under false pretenses. Simply put, FTF occurs when a hacker, using sophisticated tactics, redirects a business’s online money transfer so the payment goes to the fraudsters, not the intended recipient. The business may never know what happened until the money is gone.
Two common types of FTF tactics
FTF has become a significant threat to enterprises of all sizes, with small and midsize businesses (SMBs) particularly vulnerable. Cybercriminals are increasingly targeting SMBs because hackers know these enterprises may have limited cybersecurity measures to combat fraud, allowing them to secure high payouts with little effort.
Two of the most common types of FTF tactics are:
1. Business Email Compromise
Business email compromise or email account compromise is a particularly financially damaging crime. It occurs when criminals use email accounts to send messages to a business employee that appear to come from a trusted source, such as a company’s CFO, customer, or supplier.
These emails typically make seemingly legitimate requests, such as:
- An email from a hacker impersonating the company’s CEO and authorizing a fraudulent transfer
- A hacker impersonating a vendor of the business submitting a fake invoice for payment but asking the company to use a different mailing address or payment method
An example of this tactic would be a hacker who impersonates a company vendor and creates a fake login page. The hacker then contacts the business, informing them of a pending invoice. Unsuspecting individuals, such as an accounts payable employee, enter their credentials when attempting to log in. Hackers, posing as legitimate suppliers or service providers, then use that information to create and send fake invoices linked to a bogus account under their control. The payment of those invoices does not go to the intended recipient.
2. Account Takeover
Account takeover is when a cybercriminal gains control of a business’s accounts. Once a hacker steals a business’s credentials, they can easily initiate unauthorized funds transfers. Bank accounts are only one example of the target accounts. Other examples, which are sometimes easier for criminals to access and initiate payments from, are payroll systems, peer-to-peer payment systems, and industry-specific management and payment systems.
What makes SMBs prime targets for FTF?
The main factors that make SMBs especially vulnerable to this type of cybercrime are limited infrastructure, minimal security measures, and a lack of awareness.
Unfortunately, cybercriminals know that SMBs, unlike large corporations, can lack the resources to employ a cybersecurity team with the expertise to identify and prevent today’s sophisticated FTF attacks. They also know that a business’s financial systems are easier to break into when proper security measures are not regularly implemented and enforced.
In addition, SMBs do business with various vendors and suppliers. Knowing that SMBs typically have limited security controls to monitor and safeguard these transactions, hackers will seek out vulnerabilities along supply chains, looking for easy access points to hack into a business’s financial systems.
The most common access point (“attack vector”) is email. Email is widely used, often vulnerable to unauthorized access, and easy to replicate (“spoof”).
Mitigating FTF risks
To help protect against FTF, SMBs must educate themselves about potential threats and implement preventive measures. This can include:
- Educating employees about common fraud schemes, as well as how to recognize and report red flags (such as spoofed emails)
- Implementing a robust process for verifying invoices (that does not include replying to an email)
- Verbally confirming any payment instructions (“dual authentication”), such as confirming via a direct method other than email
- Enabling two-factor authentication for all emails and for financial and payment accounts
- Using only secure communication channels when sharing sensitive information, such as account details or payment instructions
- Verifying new vendors’ legitimacy, such as by checking references
- Monitoring accounts and conducting regular account reconciliations to detect any unauthorized transactions promptly
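The invoice verification and verbal confirmation steps above can be enforced as a gate in the accounts payable workflow. The following Python sketch is an added example, not part of the original article: it holds any invoice whose sender domain or bank account differs from the vendor record on file until a callback to the phone number on file is recorded. The vendor ID, field names, and all sample data are constructed assumptions.

```python
from dataclasses import dataclass

# Constructed vendor master file: details confirmed when the vendor was onboarded.
VENDOR_MASTER = {
    "V-1001": {
        "name": "Acme Supply",
        "email_domain": "acmesupply.example",
        "bank_account": "111000025-0004512",
        "phone": "+1-555-0100",  # number used for verbal confirmation
    },
}

@dataclass
class Invoice:
    vendor_id: str
    sender_email: str
    bank_account: str
    amount: float
    # Set only after staff call the phone number on file, never a number
    # taken from the invoice or the email that delivered it.
    callback_confirmed: bool = False

def review_invoice(inv, master=VENDOR_MASTER):
    """Return (decision, reasons); decision is 'pay' or 'hold'."""
    vendor = master.get(inv.vendor_id)
    if vendor is None:
        return "hold", ["unknown vendor: verify legitimacy before onboarding"]
    reasons = []
    domain = inv.sender_email.rsplit("@", 1)[-1].lower()
    if domain != vendor["email_domain"]:
        reasons.append(f"sender domain {domain!r} differs from domain on file")
    if inv.bank_account != vendor["bank_account"]:
        reasons.append("bank account differs from vendor master record")
    if reasons and not inv.callback_confirmed:
        return "hold", reasons
    # Either nothing changed, or the change was confirmed out of band.
    return "pay", reasons

if __name__ == "__main__":
    # Constructed sample: lookalike sender domain plus new bank details.
    suspect = Invoice("V-1001", "ap@acme-supply.example",
                      "999000011-7781234", 1200.0)
    print(review_invoice(suspect))
```

The reasons list is returned even when payment is released, so the confirmed change can be logged and reviewed during account reconciliation.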
Even under the most stringent controls, FTF can occur. Proper cybersecurity protection that includes insurance coverage for this type of fraud provides a safety net against potential financial losses by offering peace of mind and stability in the face of today’s ever-evolving cyber threats.
Vigilance and awareness are crucial in preventing FTF. Proactive first steps include staying informed about the latest hacking tactics, paying close attention to email, adapting your security practices accordingly, and mitigating potential risks with the right cybersecurity insurance.
About eSpecialty Insurance and Bob Sargent, Founder and CEO
eSpecialty Insurance was established to revolutionize the customer journey in specialty insurance. Bob is a founder and early-stage investor with decades of experience as an underwriter and broker addressing unusual, complex, and challenging cyber exposures. He helps SMBs secure the most comprehensive cybersecurity solutions at competitive rates.