Don’t Overlook Small Details

Payments fraud doesn’t suddenly occur out of the blue.

Fraudsters meticulously plan their crimes, taking time to intensively study their target. Once they’ve managed to gain access to a target’s email system, they undertake extensive reconnaissance, identifying exploitable opportunities and communications patterns that can aid them in executing their theft.

Sophisticated scammers hone their skills over years. They know what it takes to deceive accounting staff into processing fake payment instructions. When impersonating the legitimate owner of a compromised email account, they carefully craft their messages to closely resemble the tone and style of the individual they are impersonating.

By closely scrutinising the content of emails to identify any hint of unusual or unexpected shifts in language, as well as spelling or grammatical errors, you could end up stumbling across an attempted fraud.

Be on the Lookout for Red Flags

For Stacey, a Relationship Associated at NAB Private, facilitating large payment transfers for customers was routine. However, when one Perth businessman recently requested a $6 million transfer as part of a capital raising round, something prompted her to investigate the request further.

Stacey called the businessman, who confirmed the payment request was legitimate. However, given he was about to board a flight, he asked Stacey to verify the payment details with his accountant, which she did.

Whilst waiting for the accountant to confirm all the payment details, Stacey decided to review the email chain.

The first indication of something strange was the word “group” had been misspelled “gruop”. On its own, that may seem like a simple typo. However, Stacey also noticed slight changes in tone that hinted at something more sinister. The sender was using different greetings for each email, such as “hi” and “hello”.

On top of that, the businessman had received last minute advice that the bank account details into which he was required to deposit the $6 million had changed. Furthermore, the payment date had been brought forward.

For Stacey, these were all red flags indicating attempted fraud.

Upon calling the individual who was genuinely supposed to receive the $6 million, Stacey learned that he had not made any changes to his bank account, nor had he brought forward the payment date.

It was clear malicious actors had infiltrated the email system and were using it to try and deceive the businessman into sending the funds to a bank account controlled by the fraudsters.

How Eftsure Helps

Fraudsters will stop at nothing in their attempts to deceive unsuspecting individuals into redirecting payments. Increasingly, they are using highly sophisticated tactics that are almost impossible to detect. Even trained AP staff can easily miss the red flags!

Relying on your busy AP team to detect the slightest hints of a potential fraud will ultimately fail.

However, having Eftsure sitting on top of your accounting processes ensures you only pay intended recipients. With our unique green and red thumb indicators, you will know in real-time whether the bank account details you are using to process a payment align with the details used by others to pay the same beneficiary.

This gives your AP team assurance that they are not being defrauded when processing EFT payments.

For a full demonstration of the power of Eftsure, contact us today.

cybersecurity-cfo-guide-2022
Cyber Security Guide for CFOs
As a CFO learn everything you need to know to safeguard your organisation's financial assets from increasingly sophisticated cyber criminals.

Download your free guide today!
Eli Oshorov
Eli wallows neck-deep in the world of scams, digital fraud and cyber-crime, so you don't have to! By bringing you news of all the latest attack vectors, you can always stay one step ahead of malicious actors.

Subscribe to our blog

Subscribe to the eftsure blog to receive updates when we post.