Email scams can have devastating consequences for your business. Scammers target businesses of all types and sizes by sending employees emails asking them to send out money via a wire transfer or ACH payment. In most cases, once a business has initiated a wire or an ACH, neither the Bank nor the business can recover the funds and the business is responsible for the unrecoverable funds.
Scammers will often pose as a top company official or a reliable source, such as the CEO, CFO, vendor, or a third party (real estate agent, lawyer, or CPA) and request via email that you send an electronic payment for something that sounds reasonable. Typically, they note that they’ve recently changed their banking instructions and ask you to send the payment to a new bank/account number.
To help protect your business, consider the following best practices:
- For any emailed money request, use the information that you have in your files and not the contact information included in the email. Call the sender using the information in your files and verify that the request is authentic. Scammers will often indicate that they are busy or traveling and are unable to be reached by phone. Email approvals/requests should not be relied on for authorization.
- Review the sender’s email address carefully. Scammers often use email addresses that are similar to the actual address, just off by one number or letter.
- Before sending money to a vendor, client, or even a family member, consider the following:
- Does the request make sense and is the dollar amount reasonable?
- Is there a heightened sense of urgency for the transaction?
- Are the payment instructions different than those used in the past?
- Is the money going to a bank and/or person that seems reasonable based on the transaction?
Additional Steps to Protect your Business
- Implement the security features we offer such as Positive Pay, IP filtering, and dual approval.
- Use a dedicated PC for banking transactions only.
- Utilize user controls and authorization limits to manage system access and minimize potential losses.
- Review activity in your bank accounts frequently.
- Train employees on current cybercrime and social engineering threats to reduce the likelihoodthat your business will become a victim of a scam.
- Keep your technology up to date (i.e. firewall, anti-virus, password requirements, web filtering, etc.), and periodically test the strength of your computer defenses.
- Limit the financial and employee information that is posted to your company website or social media. Criminals can use this information to set up very convincing scams.
- Review your insurance coverage for this type of incident.
Helping you protect your financial information is important to us. For additional information on ways to prevent, detect, and respond to threats to your accounts, please visit: EnterpriseBanking.com/security.
If you would like to speak to an Enterprise Banker about Cash Management products and services to further help protect your business, please call us at 877-671-2265