Banking on Trust: How To Prevent Invoice Fraud 

Over 80% of organizations worldwide have experienced a dramatic increase in phishing attacks over the last two years, undoubtedly making it one of the most pressing and critical threats in the cybersecurity landscape. Even as businesses become more data security oriented, threat actors continuously evolve their tactics, making it imperative to stay up to date on the latest scams in the digital space.

One increasingly common and extremely dangerous scam is invoice fraud, which, according to the Financial Professional Census, costs mid-sized businesses nearly $280,000 per year.

How It Works

The main type of invoice fraud (also known as “change of banking details fraud”) is relatively simple. The would-be criminal waits until there is an email exchange involving banking information or payment and then interjects a fraudulent email directing the transfer of money to the criminal’s account.

For example, imagine that a company is purchasing a set of furniture from an office outfitter for an agreed price of $25,000. Once the details are set, the cybercriminal emails the purchasing company and directs them to wire the money to an illegitimate account.

They replicate what looks like a legitimate email—names, business logos, contact information, etc.—and change only the bank account and routing numbers. The purchasing company was expecting to receive an invoice, so it has no reason to suspect fraud and sends the money to the thieves.

Sound unlikely? It isn’t. According to the FTC, over 2.1 million people are victimized by similar banking scams every year.

Invoice Fraud Prevention

There are steps that you can take to protect your business from invoice fraud and VENZA is here to help. Here are a few tips for avoiding this scam:

1. Have your guard up. Any communication involving financial information is a prime target for fraudsters. While you should always be vigilant against social engineering, spend extra time scrutinizing financial emails to verify that information is legitimate. Be sure to check the sender's email address for minor variations, such as:

* Replacing the letter “O” with the number “0.”

* Replacing the letter “I” with the number “1.”

* Replacing letters “rn” with the letter “m.”

Scammers often rely on small differences that can be overlooked.

2. Use independent confirmation. Double-check that invoice information is correct by speaking with the business directly. This one extra step can eliminate the risk.

3. Act quickly. If you think you’ve been defrauded, contact your bank immediately. They can stop payment and shut down the ability to make withdrawals from an account. In these situations, time is of the essence. Be sure to confirm sent payments with vendors so you’ll know if money hasn’t been received and can quickly investigate.

4. Invest in threat monitoring. Invoice fraud is so effective because it mimics the real thing. This is only possible if bad actors already have access to your systems and are actively monitoring your conversations, allowing them to tailor their phishing attacks to a specific transaction.

This is easily prevented by monitoring access within your network. One of the best ways to do this is to use advanced threat monitoring and logging solutions, like those provided by CyberTek MSSP. These tools track any unusual activity and provide a “red flag” that’ll warn you about unauthorized access.
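
The checks from tips 1 and 2, as an added Python example (not from the original article or from any vendor it names): it flags sender domains that imitate a known vendor through the substitutions listed above, and holds any invoice whose bank details differ from the record on file. The vendor domain, routing and account numbers are constructed placeholders, and the function names are hypothetical.

```python
import re
from email.utils import parseaddr

# Constructed vendor master: domain -> (routing number, account number) on file.
VENDORS = {"officefurniture.example": ("000000000", "1111111111")}


def skeleton(domain: str) -> str:
    """Collapse the substitutions listed in tip 1 into one canonical form."""
    d = domain.lower().replace("rn", "m")  # "rn" reads as "m"
    d = d.replace("0", "o")                # zero standing in for the letter O
    return re.sub(r"[1il]", "l", d)        # digit 1, I and l look alike


def match_vendor(from_header: str):
    """Return (vendor_domain, is_exact_match), or (None, False) if no vendor fits."""
    domain = parseaddr(from_header)[1].rpartition("@")[2].lower()
    if domain in VENDORS:
        return domain, True
    for vendor in VENDORS:
        if skeleton(domain) == skeleton(vendor):
            return vendor, False
    return None, False


def review_invoice(from_header: str, routing: str, account: str) -> list:
    """List reasons to hold payment until the vendor confirms by phone."""
    vendor, exact = match_vendor(from_header)
    if vendor is None:
        return ["sender domain not in vendor master"]
    reasons = []
    if not exact:
        reasons.append(f"sender domain imitates {vendor}")
    # Checked even for an exact domain match: a real mailbox can be compromised.
    if (routing, account) != VENDORS[vendor]:
        reasons.append("bank details differ from vendor master")
    return reasons


if __name__ == "__main__":
    # Constructed invoice: look-alike domain ("rn" -> "m") with new bank details.
    for reason in review_invoice(
        "Accounts <billing@officefumiture.example>", "999999999", "2222222222"
    ):
        print("HOLD:", reason)
```

An empty result means nothing was flagged automatically; any non-empty result is a prompt to call the vendor on a number already on file, not one taken from the email.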

