EY’s Fraud Investigation and Dispute Services group has issued a warning about a recent wire transfer scam that has impacted several companies.
Most have avoided major damages, but some companies have lost up to $5 million after employees received and acted on fraudulent emails that requested they complete wire transfers for high-level executives.
In most cases, the exchange follows the pattern below.
- An employee receives emails from an individual impersonating an executive of their company, typically the CFO or CEO.
- The emails have generally been well written and plausible. They appear consistent with company emails, and may even come from a domain name set up to look similar to the corporate email domain, differing only by an added letter. For example, @institute.com might appear as @instiitute.com.
- The requests include instructions on where to wire money to cover an urgent business transaction, such as an acquisition. The transfer is usually to a foreign location and in foreign funds.
- The perpetrator sometimes requests the transaction remain confidential, and states that the employee is trusted with the information.
- The emails often include an attachment with beneficiary account details, and some include what appears to be an invoice from a supplier.
- On occasion, the transfer request may be made or reinforced by a telephone call from an individual impersonating the company executive or advisor.
To avoid losses, business owners can follow these steps:
- Notify treasury and finance staff about the scam, so they know what to look for.
- Require the use of business email accounts for correspondence on payment instructions and prohibit the use of personal emails.
- Implement an acknowledgement procedure, in which staff members are expected to forward the email to the executive to confirm receipt of instruction.
- Implement additional procedures for high-risk payments that show numerous red flags.