Saving a leading engineering firm over $1m

Overview

In the era of digital transformation, our reliance on technology has become unavoidable. While technology significantly increases productivity, saves time and enhances the flow of information, it can also expose businesses to new areas of vulnerability. Both newly acquired and existing data held by organisations is one such area that can become susceptible to attacks.

Cybercriminals know exactly how sensitive online banking data is in the 21st century. They are also persistent, resilient and patient. It’s best to assume your business is constantly under a cyber-attack, and attackers only need to succeed once. Scammers can defraud your company just by fooling a single employee of any one of your suppliers, resulting in the supplier’s email being compromised.

Challenge

One of Eftsure’s customers is a large engineering and construction firm that undertakes large construction projects, scheduled maintenance and ongoing building service works. Their areas of expertise include project management, engineering, off-site prefabrication and integration.

Due to their diverse portfolio of services and products, the volume of invoices they pay every month is substantial. As a result, they recognised they were exposed to greater fraud risks. After all, despite always using sound controls and processes, there was always a chance that their own or one of the suppliers’ emails could be compromised.

That’s why the organisation decided to implement Eftsure and add a technical layer of security into their processes, providing real-time alerts and cross-matching to detect any suspicious payment details before funds were released.

Approach

The organisation was able to implement Eftsure in a matter of weeks, including training staff.

At the beginning of February 2020, they received a message about a change of account details for one of their suppliers. The requested change of banking details arrived in an email from the legitimate account of their primary contact at the supplier. It was part of a legitimate email trail the supplier and the customer had been corresponding on.

In keeping with their process, the customer initiated a change request from the Eftsure Portal requesting the supplier provide their updated details so that Eftsure could independently verify them.

Because a fraudster gained control of this supplier’s email, they intercepted and finished the onboarding process. This set off alerts within Eftsure’s verification software due to discrepancies in the fraudster’s IP address compared to the supplier’s usual IP region. Additionally, these new details differed from recent banking information used by other Eftsure customers for the same supplier, triggering several other internal warning signals generated by Eftsure’s algorithms.

As per Eftsure’s process, a number was independently sourced and the supplier was called. In that call, Eftsure were advised that the new details provided were incorrect and unknown to the supplier. Eftsure immediately considered the onboarding to be failed and provided a new invitation to the supplier using a different (this time legitimate) supplier email address. Eftsure’s team also advised the customer and supplier of the attempted fraud. The legitimate supplier then logged in and provided the correct details. The details were re-verified by Eftsure by cross-matching them against its database of pre-verified data.

The supplier performed further investigations and confirmed that their email account had been compromised. Fraudsters had been monitoring communication in the compromised email account and using it to attempt to defraud the supplier’s customers. Once this fraud was exposed, the supplier closed the email account completely and contacted all their other customers to warn them not to accept any changed details.

The fraudulent details were added to Eftsure’s blacklist so if any other customer were to make a payment to this account, they would see a red thumb alert.

Results

Eftsure’s Know Your Payee solution proved indispensable in preventing a fraudulent payment and averting substantial financial loss. By harnessing the power of a verified supplier database, community-driven protection and sophisticated fraud monitoring algorithms, Eftsure delivered the following outcomes:

• Supplier verification. By validating changes in supplier account details with Eftsure, the firm ensured that payments reached the intended recipients, safeguarding them against fraud.
• Timely fraud detection. Eftsure’s alerts enabled the firm to notify the supplier’s other customers, preventing further payments to the fraudsters.
• Massive financial savings. Eftsure’s intervention prevented potential losses of over $1 million. Without these alerts, the firm could have unwittingly made multiple payments to the fraudsters, resulting in significant financial harm and reputational damage.
• Community protection. The incident highlighted the value of being part of a collaborative network of businesses committed to tackling cyber threats collectively.
• Demonstrated ROI. Within just seven months of implementing Eftsure, the firm reaped substantial returns on investment by avoiding a major loss and enhancing productivity.

In a world where cyber threats are persistent and ever-evolving, Eftsure’s solution demonstrates the critical role of technology in safeguarding financial integrity. This case study underscores the significance of proactive measures and collaborative efforts to ensure that businesses remain resilient against cybercriminals.