321546

Friday, 2 September 2016

Ripped Off: Social Engineering

I believe that the majority of people in this world are honest and caring, but know there's a few bad folk, in various degrees, who will take advantage of you and your family or business, so be aware!


Photo courtesy of Travelers 
This would include those who would steal from you or your business, and take your hard earned cash without a care. There are thousands of ways this could be done and we know one of the biggest and ever growing forms of theft are computer or cyber related scams.

It seems the latest one falls into a category called 'Social Engineering', whereby thieves use e-mail signatures, phone numbers, faxes and other such communication connections to mislead businesses and their employees into sending money to the scammers bank accounts.

Consider this scenario, as outlined by one of our leading insurers, Travelers, who are now providing coverage for this type of crime, along with their other forms of bond and specialty insurance. Consider this example, provided by Travelers.

"An order was made to a retailer for 1,000 laptops, and payment was received by the retailer. A few days later, the retailer received an email requesting a refund, canceling the order, and also providing revised account information for the refund. The retailer issues the refund, and later receives an inquiry from the original client, as to the whereabouts of the laptop order they paid for. The client’s email system was hacked, and the refund request was fraudulent."

Of course, this is just one of many ways that these savvy fraudsters get you and it happens every day. In fact, stats show that there are 100,000 'Social Engineering attacks daily, with pretty much an even split between large, medium and small sized businesses.
Any unsuspecting employee might receive a message that appears to be from a legitimate vendor, client or supplier that contains a variety of requests and information.
However, if a fraudster has infiltrated an email conversation and has been able to obtain the client, vendor or suppliers signature section to make their own request appear legitimate, you can see how easy the scam could work, even with well-managed businesses with proven best practices of employee training, partner background screenings and financial checks and balances.
Graphics courtesy of Travelers

No comments:

Post a Comment