Phone: 630-495-2282 Fax: 630-495-2260 Map/Directions

2 area dealerships fall victim to email wire fraud scams

August 12, 2016
A CPA firm reported that a second area dealer this year lost thousands of dollars in a fraudulent email scheme. The first loss totaled about $50,000; the latest, $14,000.
The controller at the recent dealership reportedly received what appeared to be an email from the dealer principal’s address which instructed the controller to wire funds. The CPA firm said accounting personnel should never initiate any wire, ACH debits or other payments requested by email.
In today’s digital age of Facebook and LinkedIn, wire fraud schemes that rely on targeted email phishing have become increasingly common and sophisticated. By finding individuals who haven’t enabled privacy features on their social media accounts and then using that publicly available data to craft believable, fraudulent emails, criminals trick businesses into quickly sending funds by creating fake, urgent situations. Frequently, victims don’t realize they’ve been duped until they confirm the transfer of funds with a vendor or manager — when the money is already long-gone.
According to the Association for Financial Professionals’ Payments Fraud and Control Survey, the number of businesses reporting wire fraud more than doubled, from 5 to 11 percent in 2013, with wire transfer listed as the preferred method of payment for fraudsters. This is largely due to the quick payment clearing timeline, which is much faster than ACH or check.
As the numbers of victims continue to rise, businesses are fighting back by setting up internal controls and procedures for employees who process payment instructions via email. Ravin Yadav, Vice President for J.P. Morgan Transaction Services and Fraud Expert, says, "Rigorous application of simple procedures such as callbacks and validations go a long way in detecting and preventing a fraud loss."
Businesses can protect themselves by ensuring all employees handling payments for the company always take precautions:
• Validate new payment instructions received via email — even if the email is internal.
• Pick up the phone, whenever possible, and speak directly with the individual requesting a funds transfer.
• Contact the vendor or client directly to confirm any requests for payment method changes, validating the changes are legitimate before processing.
• Carefully review all payments before they are sent and ensure all correspondence is validated and documented in a unified way across your business.
If a business falls victim to phishing or wire transfer fraud, use the event as an opportunity to assess the company’s internal controls. Training staff on the ways that fraud is evolving is critical. In the fight against fraud, a little knowledge goes a long way.