There is a 'new' fraud trend occurring in Canada that I would like to notify local business owners about. We have already had one business affected by it and anticipate more. Here is a summary of this complex fraud:
Suspects send 'phishing' emails to employees of companies. The phishing emails will usually be directed at someone in the company that will have authority to access the company finances/bank accounts. The phishing emails can vary in design but the main goal is to get the employee to engage; the employee will either be asked to click a link that leads the employee to a web site that is set up by the suspects or the email itself will ask the employee to enter information into a return email. The suspect is then able to trace the employees key strokes from then on. The next time the employee gains access to the companies' virtual banking terminal the suspect is able to capture the log on data.
From there, the suspect will either simply transfer money out of the company account to accounts overseas - however, this will be easily noticed by the company and caught fairly quickly. The suspects have added a second step which is to use compromised credit cards to make 'purchases' from the company which then fills the bank account with money. The suspects then turn around and do 'refunds' on the purchases, except the refunds are done onto pre-paid credit cards instead of the original credit cards that were used to make the purchases. By doing it this way, the suspects have now made the end of day finances balance and unless an examination of actual transactions is done, the fraud may not be caught. In this second method, it is essentially not the companies money that is being taken, the account is simply being used to facilitate the transactions.
How can businesses protect themselves:
- Ensure employees are diligent in taking precautions on their computers and not 'answering' phishing emails.
- Check the bank accounts daily and actually examine transactions.
- Have a feature set up on company accounts that will not allow a refund to be done to a different method of payment - for example: if a purchase is done by VISA, the refund must go to the SAME VISA.
- If suspicious transactions are noticed - notify the bank immediately and have the account frozen.
AVS blogs is dedicated to bringing you the latest news in computer security threats.