Top 5 cyber fraud tactics
A scammer sends out mass emails or text messages that appear to come from a legitimate company. They attempt to lure you into giving out personal information or prompt you to click links or open attachments that will install malware on your computer.
For more information about these measures and to stay informed of any updates, see how protecting your personal information is our priority - This link will open in a new window..
2. CEO fraud
A scam artist hacks into a CEO's email account and contacts a company employee who's authorized to make international wire transfers. Assuming the identity of the CEO, the hacker asks the employee to transfer money to a foreign account for an emergency or a major acquisition. The situation usually involves multiple email exchanges during which the employee is told to keep it under wraps.
3. Overpayment scam
A new "client" sends a company a cheque in the wrong amount for goods or services and then asks to be reimbursed the excess funds. But the cheque turns out to be fraudulent, so the scammer makes off with the goods or services and the amount reimbursed by the company.
4. Fake supplier scam
A scam artist hacks into the email account of a regular company supplier and asks the company to make payments to a new bank account. The legitimate supplier therefore never receives the company's payments.
5. Fake websites
A scammer fairly easily copies a company or government website and makes it look like the real thing, which they then use for various fraud schemes.
What's your best defense?
1. Be on the lookout
If something doesn't look right, flag the problem and investigate further.
2. Check the origin of email and text messages
Was the message expected or solicited? Whatever the case, never give out personal information by email or text.
3. Set up a rigorous procedure for e-transfers
It should be written down and known only to the employees concerned.
4. Make sure transactions with suppliers and customers are secure
Confirm any changes to supplier banking information by calling the supplier at the phone numbers you have on file.
5. Train staff
Employees must be made aware of the latest fraud schemes and be trained on procedures and controls.
6. Create strong passwords
It can take a hacker just minutes to crack a password that doesn't follow our guidelines. A password should contain at least 10 characters, 1 capital letter, 1 digit and 1 special character (e.g., ! $%? & _ @ + =). A password manager is also much safer to use than an Excel spreadsheet or a post-it note.