Wire fraud is a daily danger. Cyber-security filters may stop 90%+ of attempts, but some still get through. For international clients, efforts are especially focused when US, European and Asian bank holidays are out of sync. Scammers want to prevent you from verbally verifying a wire request, since the requester’s office is closed.
Here are other things to do to prevent wire fraud at your foundation:
Check the email source thoroughly
It’s easy for a scammer to slightly change an email so that it looks close to the authentic source. E.g. George.Jones@Acmbank.com versus the authentic George.Jones@Acmebank.com. If you’re in a hurry, you might miss this.
Beware of new wire instructions
Scammers can spend weeks in your email system to learn the formatting you use for wire requests, and mimic the personal info or style of one of your higher-ups.
Double check destination account numbers and bank routing numbers to make sure they’re correct. As a standard control, you might have a second person review wire instructions above a certain threshold.
Use your privacy settings on social media effectively
Scammers are skilled at integrating information from your social media with your foundation’s website and other sources. This can lull recipients into thinking they’re dealing with the real you.
Passwords need to be high quality
Similarly, through social media, scammers can learn of your links to schools, delivery services and clubs, which often have minimal or no security. People tend to have a consistent pattern to their passwords, which scammers can exploit to hack into your account.
Beware of any sense of urgency
Scammers may try to get you to shortcut your controls through perceived pressure. This includes dangling the threat of material late fees, or withdrawing an offer or deal, if the wire transfer is not completed immediately.
The only failsafe way to prevent wire fraud is to pick up the phone and verbally confirm the details with someone who’s authorized.
Ideally, this will be a published company phone, not a cell. Logos and other official looking information can be lifted from the internet and placed in an email. As such, supplemental validation is a must for new wire instructions, large amounts, urgent requests, or any request that seems off.
About the Author
Tom Donahoe was previously a foundation CEO. His number is (917) 287-9551. This and related briefings are available at Manager Analysis Services, LLC.