Internet fraud: Don’t be a victim!

Wednesday, November 25, 2015

Isabelle Lord | Desjardins Group

While it’s an invaluable tool for business, the Internet can be a double-edge sword, as it’s an invaluable tool for crime, too! Criminals are always looking for new ways to beat the system, so here are some scams to be aware of in the digital age. Share them with your employees and ask them to stay on their toes.

Executive impersonation

A criminal might hack into the email of a corporate executive, keeping an eye on their messages over a number of weeks or months to get an idea of who does what. Then they will write to an authorized employee from the executive’s email account, and ask the employee to make a money transfer, while perhaps flattering them and asking for the utmost discretion (because of course it is for a top-secret acquisition and this responsibility couldn’t be entrusted to anyone else!). The flattery and back-and-forthing will then continue up until the money has been transferred.

Quick tip

Set up a strict procedure for money transfers, including a systematic confirmation of any major requests using a communication method other than email. And make sure that only authorized personnel are aware of the policy.

Provider fraud

In this case, the criminal might hack into a provider’s email. From there, they will write to the company to have them update the banking information they have on file. The payments will then go directly into the scammer’s account and the legitimate supplier won’t see any money until long after the fraud has been detected.

Quick tip

If a supplier emails you to ask that their banking information be updated, give them a quick call to confirm that the request really is coming from them.

Overpayment

After making a purchase by email, the “client” may send in a cheque for too much money. They must have confused the amount owed to another company, or maybe revised the initial order downwards, so they would like a refund. But the cheque is a fraud and the crook walks away with both the overpayment amount and the goods that were delivered.

Quick tip

Require exact payment from clients. In the case of emergency, suggest a different payment method.

Phishing

You might get an email with the logo of a bank or another major company telling you that there is a problem with your account (bank account, voicemail, etc.). It might say you’ve come into some money. In either case, it’s urgent—you must act now! Just click on a link and enter your personal and banking information. But of course both the email and the website are fakes and the scammer now has access to your information and can hack your voicemail or steal your identity.

Quick tip

An email warning you about a problem or letting you know about a windfall should raise suspicions, especially if it suggest that things are URGENT. Even if it has the logo and signature of a company you trust, don’t click on the link and never open any attachments. Use the official contact information you have to contact the company directly—don’t use the information in the email—to confirm whether it is legitimate.

And be sure that you have adequate and updated IT tools to stay safe!

This article was originally published in the webzine Co-opme of Desjardins Group External link. Opens in a new window..