Cybersecurity and Fraud Protection
How to Protect Your Business From Wire Fraud
To prevent and prepare for a wire fraud attack, your business should not only educate all employees, but develop a comprehensive incident response plan.
Wire fraud is pervasive and costly. Cybercriminals use business email compromise (BEC) and other wire-fraud methods to target payments employees. Instances of BEC alone resulted in over $26 billion in domestic and international exposed dollar losses from June 2016 to July 2019. On top of financial costs, businesses must contend with wire fraud’s impacts on business operations, payments systems and corporate reputation.
Aside from BEC, common methods of wire fraud include:
- Phishing, including voice and SMS phishing—vishing and SMShing, respectively
- Email account compromise (EAC)
Education is paramount to wire fraud prevention. It’s essential to train employees on how to spot and prevent fraud, as well as follow best practices surrounding wire fraud:
- Establish a tiered confirmation process.
- Never release funds if you cannot validate the request.
- Develop escalation protocols.
- Create shared protocols with vendors and suppliers.
- Implement a separation of duties between employees who request payments and those who release funds.
Develop an Incident Response Plan
If your business experiences wire fraud, however, you should be prepared to respond effectively. To do so, you’ll need a thorough incident response plan consisting of four stages:
- Detection and analysis
- Containment, eradication and recovery
- Post-incident activity
Reporting Wire Fraud Attempts
Victims of wire fraud should contact the financial institutions involved to halt additional fraudulent transactions. Likewise, report the incident to law enforcement, which helps your business and others avoid similar fraud attempts.