How A Phone Scam Cost One Hedge Fund $1.2M

While all eyes are on cyberattacks and security breaches, a new type of fraud made out of a single phone call is a harsh reminder that technology cannot protect from a human — even if honest — error.

This type of fraud even has a name. It’s called the “Friday afternoon scam.” And it’s costing firms and their insurers an estimated £5 million (that’s around $7.7 million) every three months. To compare, the most severe breaches cost for SMEs are as much as £310,800 ($478,453), up from £115,000 ($177,033) in 2014. For companies with more than 500 employees, the average cost of the most severe breach is now between £1.46 million ($2.25 million) and £3.14 million ($4.83 million).

In 2013, Thomas Metson was finance chief at Fortelus Capital Management LLP when he received a phone call on a late Friday afternoon regarding 15 suspicious payments, Bloomberg reports. The fraudster said he was from Coutts Bank, where Fortelus had its accounts, and that he needed to cancel the suspicious payments. Although reluctant and believing that his company’s financial well-being was at stake, Metson used the bank’s smart card security system to generate codes.

On Monday morning, Metson came to the horrible realization that he had been conned when he saw that $1.2 million was missing. Since then he has been terminated and now is being sued by Fortelus.

The same could have happened to law firms which were targeted by fraudsters impersonating bank staff, asking for access to accounts, often late on a Friday. The law firms were warned by Zurich Insurance Group AG in May.

“People are always the weakest link,” said Jason Ferdinand, a director at Coventry University who runs the U.K.’s first cybersecurity MBA course, to Bloomberg. Employees “often assume that they do not have to think about security because a machine or software is doing it for them.”

In fact, the U.K. recently took a closer look at the human factor in security breaches in its latest Information Security Breaches Survey 2015. The survey noted that “three-quarters of large organizations suffered a staff-related breach, and nearly one-third of small organizations had a similar occurrence (up from 22 percent the previous year).”

[vc_row full_width=”” parallax=”” parallax_image=””][vc_column width=”1/1″][/vc_column][/vc_row][vc_row full_width=”” parallax=”” parallax_image=””][vc_column width=”1/1″][vc_separator color=”grey” align=”align_center” style=”” border_width=”” el_width=””][vc_single_image image=”148412″ alignment=”center” style=”vc_box_shadow_3d” border_color=”grey” img_link_large=”” img_link_target=”_blank” css_animation=”left-to-right” img_size=”full” link=”http://www.pymnts.com/whats-hot-today/”][vc_column_text css_animation=””]

To check out what else is HOT in the world of payments, click here.

[/vc_column_text][vc_separator color=”grey” align=”align_center” style=”” border_width=”” el_width=””][/vc_column][/vc_row]