If I received an urgent e-mail from Boss Meg telling me to send a $9,000 wire transfer to Consumerist’s fedora vendor, I would know that it was some kind of scam. Paying our bills isn’t part of my job, so clearly that isn’t an e-mail that I would receive. What if that were my job, though? Companies have reported losing an average of $55,000 to a scam exactly like this, wiring money to mysterious entities who forge e-mails from the boss.
Companies do conduct a lot of business by e-mail, which is what makes this scam so scary. A fraudster might also pose as an existing vendor sending in new “account information” that goes somewhere else entirely.
Companies targeted from this scam are generally in North America or the United Kingdom, deal with vendors in other countries, and routinely send out large payments, so the errant payment might even go unnoticed for long enough that it can’t be traced.
There are ways to prevent such things from happening in your workplace: make sure that multiple people have to authorize large transactions. Carefully check return addresses on messages that you receive, and even look at the headers to make sure that the message originated where it was supposed to.
A bossy business scam [Federal Trade Commission]
BUSINESS E-MAIL COMPROMISE [Internet Crime Complaint Center]
by Laura Northrup via Consumerist
No comments:
Post a Comment