Company accountants can be the target of many electronic scams that can be very costly… According to the Canadian Anti-Fraud Centre (CAFC), reported losses amounted to more than $17 million in 2018. Here is a roundup of the most popular schemes and tips to avoid falling into the trap.
The false executive
You receive an email from the address of an executive of the organization. He says he is outside the country and asks you to make an urgent wire transfer or payment to another person.
The gourmet supplier
In an email that appears to come from one of your suppliers, you are asked to provide your bank details under the pretext of a change in payment terms in their company or updating customer data.
The fraudster purchases goods or services online and when it comes time to pay you discover (too late) that the credit card used is stolen or cloned or that the payment for the product is fake. What’s more, the scammer simply doesn’t pay the bill!
Using expert’s jargon, he tells you that your system needs updates and that he has to have remote access to your computer. He asks for some information and in a few clicks he controls your workstation… and possibly everything connected to it.
An email that appears to be from a colleague, boss or customer asks you to transfer funds, buy prepaid cards and send him the numbers.
Malware was installed when you clicked on a link in an email. Your computer is infected and the fraudsters demand a ransom to restore your computer system to function properly.
How to protect your organization
- Create a list of suppliers and employees with their contact information.
- Limit the number of employees who can approve and pay bills.
- Validate requests for payment using the requestor’s email address in your contact bank, not by responding directly to his email.
- Meticulously check invoices and email addresses. Fraudsters use logos and names that are similar to those of suppliers, but there are often dubious details.
- Establish procedures at several levels for payments and account management.
- Limit the amount of information you make public online, such as executive email addresses… this information is a gold mine for fraudsters!