Protect Your Organization From Wire Transfer Fraud

October 4, 2023

Wire transfer fraud presents a significant financial risk to organizations worldwide. As cybercriminals continue to advance their tactics, it is vital for organizations to implement internal controls to detect and immobilize cybercriminals in their networks.

Once cybercriminals infiltrate a network, they gain access to banking credentials, allowing them to initiate unauthorized wire transfers and redirect incoming payments. Often these criminals impersonate company employees, remaining undetected while testing small transfers to both foreign and domestic shell accounts. If they’re successful, they will authorize larger fraudulent transfers.

Failure to recognize fraudulent transactions early on can result in substantial financial losses and operational disruptions. It can be difficult to claw back the funds once the wire transfers are complete, leaving organizations to the mercy of their cyber policy sub-limits.

To effectively mitigate these risks, organizations should implement the following cybersecurity measures:

1. Employ defensive tools and strategies, such as endpoint detection and response software

2. Mandate “cyber hygiene” training for all network users

3. Require the use of multifactor authentication (MFA) and virtual private networks (VPN) for network access

4. Monitor bank accounts daily for suspicious activity, such as unusual payments and changes to permissions and credentials

5. Update banking controls by banning international wire transfers, adding Payee Positive Pay, establishing account alerts, and establishing weekly/monthly limits on wire transfer amounts

6. Strengthen payment verification practices, such as requiring two or more authorized users to approve payments

Should your organization fall victim to wire transfer fraud, contact your Conner Strong & Buckelew Claim Advocacy & Consulting team immediately. Visit our Cyber Portal to access additional tools, trainings and resources to help keep your organization safe.


Cyber Risk