Watch Out! With the closing of a banking institution, there may be a surge in schemes (phishing/malicious emails and social engineering) to redirect funds transfers and conduct invoice manipulation.
Always, be on high alert and apply these best practices to avoid incident:
- Pay special attention to urgent requests for funds transfer.
- Verify the authenticity of wire transfer and banking change requests by phone – these calls should be made to the authorizing employee using contact information previously used.
- Establish a written policy for funds transfer and train employees on the procedures.
- Enable international wire transfer blocks or protocols where possible.
- Implement segregation of duties for wire transfers: one employee receives and verifies the request and a second one authorizes the release of funds.
Please refer to the following government resource for guidance: https://sao.wa.gov/wp-content/uploads/Resource_Library/Best-practices-for-sending-wire-transfers.pdf
Note that it is a great time to reinforce training with your employees and encourage vigilance to identify potential phishing (malicious) emails. It’s better to spend the time and effort to double-check than to be sorry!
If you have any questions or need a Cyber Security policy, please contact, https://www.insurance-financial.net/cyber-liability-insurance/
Connie Phillips Insurance!
888-439-0479
Terminology:
- Cybercriminals: individuals or teams of people who use technology to commit malicious activities on digital system or networks with the intention of stealing sensitive information or personal data, to generate profit.
- Hackers: hacking does not necessarily count as a cybercrime; as such, not all hackers are cybercriminals. Cybercriminals hack and infiltrate computer systems with malicious intent, while hackers only seek to find new and innovative ways to use a system, be it for good or bad.
- Threat actors: are individuals who conduct targeted attacks, which actively pursue and compromise a target entity’s infrastructure.