Hamilton Police Alert Local Businesses about Scams
The Hamilton Police Major Fraud Unit continues to see a rise in local businesses becoming victims of what is commonly known as the “Business Email Compromise” or “CEO Scam”. Although there are many variations of this scheme, the ones reported to Hamilton Police typically involve the use of spoofed email addresses.
In this Business Email Compromise scam, employees of organizations responsible for finances or payments will be contacted by a high level executive requesting a rush payment for what is described as an urgent business need. The criminal can mimic all aspects of the “executives” email style and will often ask for the victim to not share the information with anyone else. Only after wiring large sums of money will the victim recognize they have been deceived. Unfortunately in many instances the money is sent abroad making it almost impossible to get the money back.
These attacks succeed because they rely on tricking employees into ignoring or bypassing basic security precautions.
Tips on protecting your business include;
- Develop, implement and test robust practices/policies that involve internal prevention techniques at all levels. No-one is immune.
- Use face-to-face or voice-to-voice communications to verify transactions. Walk into the CEO’s office or speak directly by phone. Don’t rely on e-mail alone.
- Limit what is posted on social media and company websites, especially job duties and descriptions, hierarchal information and out-of-office details.
- Employ two-factor authentication; have secondary sign-off for payments, especially significant ones.
- Be suspicious of requests for secrecy or pressure to act quickly.
- Consider registering all company domains slightly different than the company’s actual domain.
The list of frauds and scams is large and changes every day. The easiest way of combatting this crime is by not falling victim to it. FRAUD…Recognize It…Reject It…Report It.