Phishing Amid The Sea Of Invoice Fraud

If the saying is that there is nothing new under the sun, only new ways to say it, then let’s extend the sentiment to payments.

There’s nothing new under the sun.  There are just new ways to steal it.

The fact remains that technology has fostered business done across borders and through email.  Business can bring people together who never see each other face to face. The email account is the primary means of communication. Where there is anonymity there is room for wrongdoing.

Phishing still grabs victims by the wallet, and Barclays warns against social engineering.

Specifically, Barclays Corporate Banking this past week warned business owners that simply protecting corporate assets with, say, anti-malware just won’t cut it. “Fraudsters often employ low-tech methods rather than trojans or other malicious software,” the bank cautioned.

And in terms of methods, all must be vigilant against social engineering. One mantra that must be repeated is this one. Barclays has urged professional services clients to “check, check and check again.”

The social engineering gambit is one you might know. It is called phishing and lures the unwitting corporate executive or owner into giving away sensitive data or sending money to the fraudster.

Watch out. The invoice that may be the lure, with account details that facilitate the transfer of money … never to be seen again. In these and other warnings — along with some case studies herein — business owners need to make staff aware of the specter of invoice fraud. Invoices must be checked carefully, as should email addresses — and of course steady contact with suppliers is helpful.

Against this warning, is it any surprise that, in a separate study, as many as 84 percent of professionals think that fraud will, in fact, increase? That’s a slight drop from previous estimates, per NACHA, but still … read on for some more cautionary tales.