Wire fraud isn’t cheap. A recent report found that the average value of attempted business wire fraud was over $100,000 [PDF, 2.7MB] in Q3 2021. If you frequently send wire transfers or work with overseas suppliers, your organization is at a higher risk of wire fraud.
Falling for a scam might only take a few minutes, but it can cost your business thousands of dollars, or even worse,your professional reputation. With the right prevention methods in place, you can protect your company from attempted fraud and preserve your client relationships.
What Is Wire Fraud?
Wire fraud is a type of scam that uses some form of electronic communication to defraud a person or a business. Wire fraud can be conducted through email, text messages, phone calls, and even social media.
Wire fraud doesn’t always involve a wire transfer. Scammers might also ask you to pay through gift cards, preloaded credit cards, or cryptocurrency. They often request payment via wire because it is nearly impossible to reverse or trace the transaction after it’s been sent.
4 Wire Fraud Examples
Every wire fraud scam has the same goal: to trick your business into sending money before you realize what’s going on. Once your team learns how to identify different types of wire fraud, it will raise awareness, and help to avoid these scams.
- Phishing Scams
In 2021, 83% of companies surveyed reported that their organization experienced a successful email phishing attack.
A phishing attack is an email that looks like it’s from a trusted source, like a vendor or a manager. But, the email is actually from a scammer who is looking to get access to financial information, like bank account numbers or credit card details. This type of phishing scam is also known as business email compromise (BEC).
Phishing scammers use social engineering to trick you into transferring money to their account, often by using urgent or threatening language. Other indicators of a possible phishing scam include:
- Spelling or grammatical errors
- An incorrect email address that looks very similar to a legitimate source, like itservces.com instead of itservices.com
- Requests for sensitive information
- Unprofessional design, like image-only emails or blurry logos
2. Executive Expense Scams
In this scam, your accounting department receives an email that appears to be from your HR, IT team, or an executive requesting payment for company expenses.
The scam email will often say that the “executive” is offsite and needs a large amount of money wired immediately to a specific bank account. Scammers might request gift cards to be given to new clients or to pay an outstanding invoice.
Sophisticated fraudsters may also “spoof” an actual email address from an executive, so the message appears completely legitimate. This is known as business email compromise, which cost businesses over $43 billion between 2016 and 2021.
3. Overpayment Scams
In overpayment scams, someone poses as a new client, then seemingly overpays and requests that you pay back the difference via wire transfer. The person behind the request might say that the overpayment is intended for import or transportation fees that you need to send to a third party.
These scams usually involve payments made via a bad check or stolen credit card that are then canceled or reversed. Once you’ve sent over the overpaid funds, you are left liable for the amount you paid.
Overpayment scams most commonly target businesses that advertise and sell their products and services online. Scammers will often inquire about or pretend to make large purchases to discourage you from spotting any red flags about the order.
4. Tech Support Scams
If you receive an unsolicited phone call or email that seems to be from a technical support service, it’s likely a scam.
In a tech support scam, someone impersonating a computer technician claims that your computer has a virus or another serious problem. The defrauder tries to sell you useless software, repair services, or warranties that are usually available elsewhere for free. They often ask for payment via wire transfer, gift cards, or cryptocurrency, which no legitimate technical support provider would do.
In some cases, you could be tricked into installing malware that gives the scammer remote access to your computer, including company files, login credentials, and other sensitive information.
What’s the best way to fight fraud?
With strong financial controls, of course! In this day and age, you need to come equipped for battle. Implementing AP automation can help you reduce fraud and shore up your finances right now.
How to Prevent Wire Fraud
Wire fraud is an easily avoided scam, as long as you have the right safeguards in place.
Train Your Employees to Spot Red Flags
Your team is your first line of defense against wire fraud, so investing in internal training is an easy way to reduce your fraud risk. Educate employees about common indicators of wire fraud, such as:
- Poor spelling and grammar
- Slightly different email addresses
- Urgent requests
- Strange behavior via digital communication from managers, executives, or clients
- Requests for bank account information or login credentials
If your organization has fallen for a wire fraud scam before, then use that as an example in your training to show employees what an actual scam looks like. Training should be repeated at least once a year to refresh skillsets.
Consider conducting unannounced tests to see how well employees can identify and avoid wire fraud attempts. Tools like Google’s Phishing Quiz or PhishMe from Cofense simulate phishing attacks to evaluate your team’s vigilance against scams.
Verify the Wire Transfer Request with Your Client
You should always verify a request through another form of communication before authorizing a wire transfer.
Contact your client directly using a phone number you have previously called to verbally confirm the wire transfer. It’s best to verify wire transfer requests by phone instead of email in case the scammer also has access to your client’s email account.
For additional security, create a two-person verification process for all wire transfers. Assign someone from your team to each client to confirm any payments. When you receive an invoice or another request for payment, that person should confirm it separately with the client. If it’s a scam, then your client can make sure you don’t send any funds before it’s too late.
You should also follow this verification process when setting up payment instructions for new clients or changing the payment information for an existing one.
Implement a Cybersecurity Policy
A company-wide cybersecurity policy ensures maximum protection from wire fraud and other scams. Cybersecurity policy templates help you cover different types of security risks. Your policy should include:
- Requirements for strong passwords and two-factor authentication (2FA)
- Spam filters for email accounts
- Added encryption for sensitive data
- A standard procedure for reporting potential scams
Reevaluate your cybersecurity policy each year and make any necessary updates, like known scam attempts.
Additional Resources for Wire Fraud
If your business is targeted by a wire fraud scam, report it to your bank and the Federal Trade Commission (FTC) immediately. Although the FTC doesn’t resolve individual reports of wire fraud, they compile these complaints into databases, so law enforcement can identify possible patterns and launch investigations.
Other resources for preventing wire fraud include:
- Title Resources Group: This cyber fraud toolkit is designed for real estate agencies, which are a common target for wire fraud.
- ALTA: This resource includes a verification checklist and a rapid response plan.
- Scams and Your Small Business: A Guide for Business: This guide from the FTC covers several kinds of common scams, including wire fraud.
Use a Fraud Detection Tool to Protect Your Business from Wire Fraud Attempts
If your accounts payable team handles hundreds or thousands of transactions each month, then you need extra support to successfully prevent wire fraud. Accounts payable automation software adds extra security by automating several key processes, including client data validation and fraud detection.
Tipalti Detect℠ proactively monitors all new and existing vendors for potential fraud, so you can investigate them before sending any payments. The software automatically notifies your team of possible risks, so you can act accordingly. Filters enable you to quickly identify triggers for risk, allowing you to investigate more efficiently.
All the complexities of modern accounts payable, including tax compliance and cross-border transactions, open up your business to risk. You need stronger regulation and smart software. Here’s more on How to Stop Payments Fraud with Financial Controls.