Five ways to spot and avoid business email fraud

Authored by Bukaty Companies on August 7, 2015
Cybercrime is here. Where are you?
With new technology comes new conveniences, and with that, new crimes.
An article recently published in the Wall Street Journal, “Fraudsters Hack Email, Grab Funds” highlights a small business, Mega Metals Inc., who lost $100,000 after falling victim to business email fraud. Hackers gained access to email accounts in order to falsify wire-transfer instructions, appearing to come from a high level executive, and sent them straight into a fraudulent account unable to be tracked or recovered.

Consumers have the ability to manage their money through online banking, track spending, and transfer funds all with a click of a button… and so can cybercriminals.

With the changing technological tides, criminals are evolving and tailoring their methods to stay afloat. Nowadays, most consumers aren’t as worried about being mugged and having wallets stolen as they are about their bank accounts being quietly emptied before they’re aware they’ve been compromised.

Everything being processed online has businesses also dealing with the same wave of criminal activity and with numerous day-to-day transactions; a simple oversight can lead to detrimental financial loss.

An uninvited email can provide a hacker access to a company’s network and stands to be the most commonly used method to implant malware.

Those most at risk are small businesses that may not have the budget to implement security and counteract attempts to exploit their email accounts and computer systems.

While there is no foolproof way to prevent cyber-attack, there are strategies to protect against these advancing threats.


5 Ways to Spot and Avoid Business Email Fraud

Cyber Safety Awareness


1. Check, check, and check again

One clue that a hacker may be attempting to infiltrate your company’s email exchange is a message received with a domain similar, but not identical to, the legitimate domain name.  Contact the authorized sender to confirm. Block bogus email domains at the exchange server level to protect your entire enterprise.

2. Implement fail-secure verification procedures

Critical tasks such as transferring money now require fail-secure verification.  All money transfers and invoice payments should still be authorized in writing but confirmed verbally. This could include a call to the companies receiving funds to confirm wire numbers and deposit accounts.  Consult with your banker.  Many banks now offer two-stage transfer verification which requires two employees with separate authorization credentials to initiate and execute all money transfers.  

  1. Beef up your computer security systems

Invest in layered computer security that use several safeguards. Block all emails with executable file attachments; the hacker’s tool of choice for planting virus.  No antivirus software is 100% effective.  Many IT specialists now recommend installing two competing products.  Run them daily instead of weekly.  Establish procedures to quickly pull infected work stations from your network to isolate threats.

  1. Put your knowledge to the test

One wrong click could open the floodgates to a data breach. McAfee, part of Intel Security, is the world's largest security technology company. They developed a "Phishing Quiz" to test user's knowledge of what a harmful email may look like. To strengthen your knowledge and awareness, take the quiz here.

     5.  Talk to your broker

Standard crime and theft insurance often do not anticipate loss due to computer fraud.  Recently, insurers have started adding “social engineering fraud” coverage to their list of add-ons to standard crime policies. This reimburses companies for losses when misled into transferring funds based on fraudulent information. Talk to your Bukaty representative to determine the right coverage for your potential risks.

When it comes to protecting your business, be proactive. If we can help your business navigate through these present-day perils, please reach out, 913-647-3946.

As always, thank you for allowing us to be your trusted insurance adviser. Your business is appreciated.

Blog Category: Workplace Insights

To the Point podcast logo


Episode 12: Enrich your company's HSA benefits

Uncover the hidden benefits of health savings accounts (HSAs). Our in-house expert reveals why HSAs are the fast-growing employee benefit.

Episode 11: Regulation changes to know in 2020

Our compliance officer recaps the more significant regulatory from 2019 that will affect your business in 2020. 

Episode 10: Lower costs with a dependent audit

Verifying plan membership is valuable to your company's bottom line. As much as 10% of dependents on your plan could be ineligible for group coverage! Learn more about conducting a dependent audit in your organization.

Episode 9: Make open enrollment a breeze

Bukaty experts share their thoughts on how to avoid open enrollment complications. Planning and communication are key.

Episode 8: Avoiding employee lawsuits

Discover how your business could be at risk for lawsuits, and learn strategies to minimize your chances of getting sued. Our podcast guest shares HR tips you won’t want to miss.

Episode 7: Management training is more important than you realize

Don't leave your managers untrained and unprepared. This episode explores the importance of training your company leaders and how it can be detrimental to your business if you don't.

Episode 6: A benefits package for all ages

Rather than limit your company to an outdated one-size-fits-all benefit package, explore customized, generationally based benefit options for your employees. Each generation has different benefit preferences and Bukaty has the technology and benefit lineup to cater to their needs.

Register for the Webinar