What would you do if a significant sum of money magically disappeared from your account due to a “miscommunication” between accounting and someone pretending to be you? Wire transfers have made it extraordinarily easy for scam artists to make large transactions, which are augmented by the ability to impersonate authority figures within the office; the c-suite staff, also known as management.
This type of CEO fraud is known as a “whaling” scheme. In a sense, it’s like a phishing scheme, but on a much larger scale. When it comes to whaling, rather than faking the identity of your IT department or another employee, the hacker goes for the motherload: you, the business owner, or another member of your management staff. This plays to the employee’s willingness to comply with your requests and makes it more likely that they’ll perform unreasonable tasks, like sending “you” a large wire transfer.
Wire transfers in particular are proving to be a powerful tool for hackers to exploit. ITProPortal reports: “Individuals create bogus messages seemingly from a senior leader, for example, the CEO, which asks employees to wire funds across to them. The messages ultimately trick employees into transferring large amounts of cash electronically.” The average value of a wire transfer is $67,000, and according to the FBI, CEO fraud has cost businesses over $3 billion over the past three years alone.
One of the biggest problems with wire transfers is that they are difficult, and often impossible, to challenge. Therefore, your best chance of recovering from a whaling scheme is to avoid getting scammed in the first place, unfortunately. Due to the fact that wire transfers are too fast and finite, you’ll want to ensure that your business has practices in place to handle this influx of CEO fraud. A good place to start would be to address how your business handles unsolicited requests for payments or credentials via email, telephone, or otherwise. Here are a few tips and tricks to consider for your business.
To learn more about whaling schemes or CEO fraud, reach out to us at 407-478-6600.
Comments