As the focus of the “Dark Side” participants of the Cyber World is redirected from the Big Box Stores and Fortune 500 companies to middle market companies, CFO’s/Controllers beware…THEY’RE COMING AFTER YOU!
The newest ploy is to hack into your corporate email system and determine how Funds Transfers are initiated. If the President of your organization typically emails to the controller the transfer instructions for a business transaction, the “bad guys” seek out those emails; study’s them and then replicates them to a “T” and dummies up an email address so close to the president’s that it is not picked up by the naked eye. Then the controller gets an email that appears to come from the President and its game on!
The transaction is executed from your account to a domestic account of a fictitious company and the bad guy goes to the bank, extracts the funds out in a cashiers check and your money is gone. 600 of these transactions have been completed successfully so far this year and there is a high likelihood that insurance will not cover this.
Recommendation: Change your corporate policy to require a “wire transfer” request to have a “wet” signature before being executed. Also, read the “Computer Wire Transfer Fraud” section of your insurance policy very carefully. Pay particular attention words like “originating computer” and “located on your premises” as these may be the trigger words that get you a CLAIM DENIED stamp on your file.