Is that email really from your boss?

by: Nicole Reyes

Financial institution employees have long had their guards up when it comes to their email. With phishing scams and the added complexity of social engineering, malicious communication has become a real problem.

Financial service professionals understand these scams are especially dangerous when they target the employees of a credit union or bank. Thanks to consistent and clear education, many of these employees have become near experts at spotting fake emails. As such, the fraudsters have been forced to find new ways to trick skeptical employees.

What are they up to now? The scam artists are no longer content to send phishing emails from well-known companies and organizations; now they are masquerading as your boss.

The fraudsters send emails that appear to come from senior executives (typically the CFO or CEO) inside targeted financial institutions. The note usually comes to a junior employee and requests an urgent – and confidential – financial transaction. The employee then initiates the top-secret transaction via ACH to a fake account and the scheme goes undetected until employees talk to one another or an internal system detects the mistake.

These masquerading crimes underscore the importance of layered security. Financial institutions must have policies in place to combat this type of incident and to give employees the confidence to verify strange requests – even if they appear to be coming from the very top.

continue reading »