An area dealer almost got scammed recently by someone posing as an employee who, over email, asked that their direct deposit be changed to a different account number. How can dealers avoid this type of cyber crime in their own businesses?
- Never accept wire instructions or payment requests by email or other electronic communications. It is too easy for an emailer to pose as someone else. It is too easy for a hacker to invade your system, know what you are working on, and misdirect payments when you are expecting directions.
- Always verbally confirm directions at a known phone number or by having the individual personally provide directions with proof of identity.
- Make sure your company computer protections are state of the art and updated.
- Give frequent, mandatory employee awareness training. Employees must know of crimes like business e-mail compromise. BEC occurs when a fraudster uses social engineering or hacking to compromise business email accounts and swindle unsuspecting employees into making wire transfers. Your employees must understand that a company that is a victim of a cybercrime can be crippled or destroyed, leading to the loss of jobs.
- Regularly monitor employee use of protections. Have your computer vendor develop protocols against hackers. These are not difficult and can include practices such as not sharing passwords and not clicking on links in emails from unknown senders. Make sure a monitor checks regularly that employees are following these practices.
Thanks to WANADA Kindred-line member Michael Charapp of Charapp & Weiss, LLP, for this information.Download Bulletin PDF