☰
What Is
Wire Fraud?
Wire Fraud Is:
When an organization is tricked to WILLINGLY send a payment to a criminal instead of their intended recipient. The transfer passes all internal approvals, has proper authorization from the bank, and you voluntarily release the funds.
The loss is due to social engineering, not a hack!
Why Wire Fraud Is
A Problem
Social Engineering, Not Hacking
Criminals know the easiest way to make money is through social engineering. They have an array of tricks, tactics, and tools to misdirect an otherwise perfectly legitimate payment. These social engineering techniques means that wire frauds are due to a failure of people and processes.
You are Responible to Verify Bank Details
Banks, insurance companies, and service providers provide important protections in transferring funds but are not liable for the wire fraud attacks that happen every day. Whoever hits send on a wire is ultimately responsible if it is directed to a criminal.
Your Team is Not Perfect
Nor should they have to be. Wire fraud happens all the time to the most fastidious, well-meaning, and committed teammates. The bad guys are very “good” at their craft and the payoffs are enormous. A tiny mistake in the face of a sophisticated attack can cost millions.
Losses are Embarrassing and Nobody Shares Knowledge
Along with monetary losses, wire fraud victims also suffer reputational damage. The stigma of being a victim has led to less knowledge sharing among peers, both internal and external.
How to
Combat Wire Fraud
-
Technical Controls
-
Create Alignment
-
Assign Roles
-
Execute process at speed and scale
-
Risk-based approach
-
-
Outsource responsibility
-
Rely on external financial partners
-
Assume IT/Security handles this
-
Hire perfect employees
-
Never make a mistake