Financial Crime Investigators of the Royal Turks and Caicos Islands Police Force are warning the business community of a new hacking trend that mainly targets businesses through email. Officers are investigating two reports by victims who have lost a substantial amount of money.
Since email has caused a significant decline in the use of fax machines, and even the telephone, for most companies, the ability to monitor the emails exchanged within a company makes it easier for hackers to become familiar with its financial procedures.
Their modus operandi can be carried out in two ways.
1. By company billing structure: Company A routinely does Business with Vendor B. Vendor B submits a bill to Company A through email, which is then approved by the CEO/CFO and forwarded to the accounting department. The Accounting Department pays the bill to Vendor B like usual. This seems like a pretty harmless and basic payment structure, but can be problematic if a hacker catches on to the system.
If Company A’s email system has been unknowingly compromised, the hacker could familiarize himself with their payment procedures and ongoing transactions. Next, the hacker would send a bill posing as Vendor B with new payment instructions. The CEO/CFO would recognize Vendor B as a vendor they routinely do business with and see the bill was for a legitimate transaction. The bill would get approved and forwarded to the accounting department. The accounting department would submit payment following the new instructions, which puts the money right into the pockets of the hacker. Company A would not discover the mistake until they receive a late payment notice from Vendor B.
2. By the fraudster posing as the CEO: In this method, the hacker sends an email to the accounting department posing as the CEO/CFO of the company. The email can request a wire transfer with provided account information, under the pretense that the payment is for a new or current vendor. The hackers do this by setting up a forwarding system to receive all emails sent to a CEO/CFO of a company. Once the hacker has monitored the company's exchanges and feels comfortable with the situation, he or she makes a move. This is done by sending a wire payment request using the CEO/CFO's actual email account, or by creating a spoof email address that resembles the CEO/CFO's email address. The employee may not even notice the email address has been altered. Example: JohnDoe123@tciconstruction.com and JohnDoe123@tciconstruction101@
Tips to protect your company from email fraud
Here are some steps to take in order to prevent email fraud from happening to your company.
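A screening check of the kind an accounting or IT team could run on incoming payment requests, shown as an added example that is not part of the police advisory: it flags a sender whose domain closely resembles a known contact's domain, as in the spoofed address pattern described above, and also flags a Reply-To that differs from the sender (an extra check not mentioned in the advisory). The domains, the allow-list, the function names and the distance threshold are all constructed assumptions.

```python
from email.utils import parseaddr

# Constructed allow-list: domains the company already does business with.
KNOWN_DOMAINS = {"vendor-b.example", "company-a.example"}

def edit_distance(a, b):
    """Levenshtein distance: single-character edits needed to turn a into b."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def domain_of(header_value):
    """Lower-cased domain of an address header, or '' if it has none."""
    addr = parseaddr(header_value)[1]
    return addr.rpartition("@")[2].lower() if "@" in addr else ""

def lookalike_of(domain, known=KNOWN_DOMAINS, max_dist=3):
    """Return the known domain that `domain` imitates, or None.

    max_dist=3 is an assumed threshold; it catches appended digits or
    swapped letters but should be tuned for short domain names.
    """
    if not domain or domain in known:
        return None
    for good in sorted(known):
        if edit_distance(domain, good) <= max_dist:
            return good
    return None

def review_payment_email(from_header, reply_to_header=""):
    """Return reasons to hold a payment request for phone verification."""
    reasons = []
    sender = domain_of(from_header)
    imitated = lookalike_of(sender)
    if imitated:
        reasons.append(f"sender domain {sender} resembles {imitated}")
    elif sender not in KNOWN_DOMAINS:
        reasons.append(f"sender domain {sender or '(none)'} is not a known contact")
    reply = domain_of(reply_to_header)
    if reply and reply != sender:
        reasons.append(f"replies go to {reply}, not {sender}")
    return reasons
```

An empty result only means the addresses look normal; a request sent from a genuinely compromised account passes this check, so the phone verification in the tips still applies.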
1.) Verify a change in payment with the vendor over the phone with a previously established phone number (not one that was provided in the email)
2.) Keep a hard copy of vendor contacts who are authorized to approve changes in payments
3.) Use a dual-approval system for any wire transfer requests that meet specified requirements
4.) Send a PIN number via text or require verbal communication before submitting payment
Police are urging anyone with information, or who may have noticed suspicious activities in their company, to call Crime Stoppers on 1-800-8477, use the Crime Stoppers online reporting page at www.crimestoppers.tc, or contact Chalk Sound Police Station on 3385901.
Information you provide will be treated in the strictest of confidence. We remind people that they should not report crime information via our Facebook and Twitter pages.



