The FBI reports hackers have stolen $1.2B from more than 7,000 businesses in the past 2 years, most often using a scam known as business email compromise (hacking the CEO’s email account and then sending emails from that account telling employees to transfer money).
Some good things to keep in mind:
· Establish a multi-person approval process for transactions above a certain dollar threshold.
· Get the word out in your office. If your colleagues or employees know about the scam, they will be more likely to spot a suspicious email.
· Be extra careful with wire transfers. Wire transfers and, increasingly, pre-paid debit cards are scammers’ preferred methods of payment. Always confirm that any request for a wire transfer is from an authorized source.
· Double-check email addresses. Scammers may use emails that look very similar to those used by the actual business, such as email@example.com instead of firstname.lastname@example.org. Be suspicious of requests for secrecy. Speak to the executive on the phone or in person to confirm changes in payment information. If you still have doubts, speak to another senior executive.
· Slow down. Scammers pressure you to take immediate action, so you don’t have time to think it through. Take time to verify any request – even an urgent one.
More information available at: