7 BEC Scams That Prove Nonprofits Need Stronger Payment Controls
Nonprofits are prime BEC targets—see real attacks and what finance leaders must do to protect funds, data, and mission-critical operations.
With the best software, firewalls and spam filters installed, you may believe you are protected from cybercriminals. Think again! Even tech giants like Facebook and Google have been recently scammed by a fast-growing threat known as business email compromise (BEC). BEC relies on the oldest trick in the book: deception.
Since employees are usually the target, equip them with the skills and tools to spot threats and respond effectively.
Don’t just rely on email. Encourage employees to actively verify money transfer requests, for example, by walking into senior executives’ offices or by speaking to them directly on the phone.
Have systems in place to validate all changes in vendor payment details. If this is done by phone, ensure previously known phone numbers are used, not those in the email request.
Independent third-party verification systems such as EFTsure’s “Know Your Payee” Solution automate payment checking and supplier verification, saving time on manual processes and reducing human error.
The FBI advises establishing intrusion detection system rules that flag emails with extensions that are similar to company emails. Also create an email rule to flag email communications where the “reply” email address is different from the “from” address shown. And introduce colour code virtual correspondence so emails from employee/internal accounts are one colour and emails from non-employee/external accounts are another.
Tools exist to help you assess how vulnerable your company is to phishing and malware and where improvements should be made.
Nonprofits are prime BEC targets—see real attacks and what finance leaders must do to protect funds, data, and mission-critical operations.
Manufacturers are top targets for BEC scams. See 6 real cases that expose how attackers steal millions—and what finance teams must do to stay protected.
See how 5 real BEC scams stole millions from healthcare orgs—what finance leaders must know to stop attacks that target payments, data, and operations.
Eftsure provides continuous control monitoring to protect your eft payments. Our multi-factor verification approach protects your organisation from financial loss due to cybercrime, fraud and error.