Wire transfer scams are on the rise, and non-profit organizations are especially susceptible. Using phony vendor email addresses, cyber criminals target and trick victims into wire transfer fraud. In May 2017, the FBI reported that wire transfer scams have cost victims about $5.3 billion. With tight budgets and limited resources, non-profits can take a significant hit from any loss of funding.
How do non-profits get scammed?
Scammers may use many methods of impersonating the sender address. Your organization’s best defense is knowing how to recognize these wire transfer scams and understanding how they work.
Cyber criminals who perpetrate wire scams are careful researchers. Many times, they gather information using public records or make inquiries by calling organizations directly.
For example, the perpetrator can call an organization and find out when the executive director is out of town. The perpetrator will then know exactly when to target the organization since the executive director cannot be easily reached for verification purposes. Once the money has been wired out, recovering funds becomes difficult to impossible.
What can be done to protect my organization?
Many business-grade anti-spam services can help identify the real sender as part of the security features. However, most experts agree that the best way to combat wire transfer scams is to:
• Train all employees on how to spot fraudulent emails.
• Implement a checks and balances system in your organization so that wiring money requires multiple approvals or phone verification.
• Call the US Secret Service office or report to your local FBI if you suspect that your organization has been scammed.
Additionally, contact your financial institution immediately.
Take the steps right now to prevent wire transfer scams and keep cyber criminals from defrauding your organization. These scams can be detrimental to non-profits that use every cent of their funding towards their missions. The right preparation and knowledge could keep your organization’s financial accounts safe and untouched.