WESTconsin on Morning Connection - Protect Your Business and Employees from Scams This Summer

Posted:

Summer is a time to celebrate. Many employees are out enjoying the sunshine and summer holidays, bouncing back many out-of-office messages.

Knowing that many of us will be taking time off this summer, some fraudsters use the opportunity to send email messages that appear to come from leadership or other staff members. These emails are intended to deceive your employees into sending money or information to fraudsters while the team members are away on vacation.

These attempts are especially deceitful because emails often make what appears to be a legitimate request, including sending an invoice with updated payment information, with similar email addresses, names, and email signatures. Some employees are likely to fall victim because they believe they are doing what their superiors or coworkers are asking them to do.

"When supervisors or managers are out of the office and [employees] are getting those emails, it's important for businesses to train their employees to recognize them and how to tell if they're legitimate or not," said Stacy Erikson, Business Services Supervisor, on May's WEAU 13 News Morning Connection. 

Here at WESTconsin Credit Union, protecting our members from fraud is a top priority. Below are some steps  businesses can take to reduce the chances of an employee becoming a victim of business email compromise.

Follow these steps to protect your business and your employees from business email compromise:

  • Educate and train employees to recognize, question, and independently authenticate changes in payment instructions, payment methods (e.g., ACH to wire), or when pressured to act quickly or secretively
  • Be old-fashioned! Verbally authenticate any changes via the telephone
  • Review accounts frequently
  • Initiate payments using dual controls
  • Never provide passwords, usernames, authentication credentials, or account information when contacted
  • Don’t provide nonpublic business information on social media
  • Avoid free web-based email accounts for business purposes. A company domain should always be used in business emails
  • Consider registering domains that closely resemble the company’s actual domain to make impersonation harder
  • Do not use the “reply” option when authenticating emails for payment requests. Instead, use the “forward” option and type in the correct email address or select from a known address book

The best way to protect yourself from fraud is to stay educated and vigilant. More fraud and security resources are available at WESTconsincu.org.

If you do fall victim to one of these fraud attempts, please reach out to WESTconsin Credit Union as soon as possible so we can help you. You can contact us at (800) 924-0022 or visit one of our convenient locations across western Wisconsin. 

Send this blog post to someone:

SUBMIT