For banking customers, wire transfers — which see funds sent electronically from one bank account directly to another — deliver a fast and convenient way to send and receive funds in the digital age. Adding to their appeal for businesses and everyday consumers alike, they’re also considered to be highly secure when the proper precautions are in place, and they carry relatively low fees compared with other methods of payment.
But as with most any modern monetary transactions, wire transfers also present an alluring target for cybercriminals, who leverage wire fraud and other e-crime scams to steal billions of dollars from U.S. residents and businesses each year. According to wire fraud prevention firm CertifID, on average, the FBI receives more than 2,400 complaints of wire fraud each day — and the number of reported incidents increased by 10% between 2022 and 2023.
But by implementing the right security measures, businesses can better protect themselves from cybercrimes like wire fraud … and greatly reduce their chances of falling victim to these ill-intentioned schemes.
What is wire fraud?
According to the U.S. Department of Justice, wire fraud is defined as any type of fraud involving the “use of an interstate telephone call or electronic communication made in furtherance of the scheme.” It typically sees a scammer use telephone, text or internet technology to steal money from a business.
The most common ways cybercriminals use wire fraud to steal money from a business include:
- Using email, phone or text communications to deceptively harvest login/password information and gain access to a business’s financial account(s), enabling them to transfer funds out without the business’s knowledge. These scams often use social engineering tactics such as phishing or smishing to trick message recipients into providing the sensitive information needed to infiltrate accounts and send wire transfers.
- Tricking businesses into sending a wire transfer under false pretenses, such as sending a fake invoice disguised as an invoice from a legitimate vendor, only with false account information provided that directs the funds to an account that the cybercriminal controls.
Because the funds delivered by wire transfers are considered verified, they can be immediately withdrawn by the recipient once they’re delivered to the destination account. So once a wire transfer is sent, it can’t be recovered — even if it’s discovered that fraud was involved in the transaction. This makes adding in extra layers of precaution especially important when sending wire transfers.
6 wire fraud prevention tactics
For businesses wondering how to prevent wire fraud, the following six tactics are designed to strengthen protections against cybercriminals who try to employ the deceptive scheme:
- Put a clear process in place
Develop and implement a clear and well-defined process for initiating wire transfers, making sure to put a strong emphasis on documentation and verification when any wire transfer is requested. (This is especially critical when there is a change in the recipient’s routing information or when the transfer request is coming from a new recipient.) - Ensure the identity of every wire transfer recipient
To ensure the authenticity of any wire-transfer requests you receive, it is important to include a requirement for verbal verification of such requests. This can be achieved by placing a direct call to the client or vendor making the transfer request to confirm its legitimacy. When doing so, be sure to use a known phone number that you have on file for the client or vendor, or one that you’ve tracked down via an official source such as a business website or an official business directory. (Any contact information provided in fraudulent requests for wire transfers is unlikely to actually be that of the business or vendor being impersonated, making it important to use a number known to be accurate and trustworthy.) - Be especially leery of any changes or other outside-the-norm requests
The verification process outlined above is especially critical when a change in a payment request is received from a client or vendor, or when any out-of-the-ordinary instruction is made with a request. These can be signs that a user’s information or access has been compromised by a cybercriminal, and they should serve as red flags that additional verification/confirmation may be called for. - Educate your employees
Once you have a process for initiating wire transfers in place, make sure your entire team is familiar with it, especially any employees who might be directly involved in fielding and facilitating wire transfers for your business. Further, it’s also wise to ensure your employees are well-informed on how to identify and report phishing attempts and other tactics cybercriminals might employ in an effort to commit wire fraud. - Implement dual control
When dual control measures are implemented for wire transfers, one employee might have the authority to initiate a wire transfer, while another might act as the approver for the release of the payment. Having such dual control measures in place can reduce the chances of successful wire fraud attempts, elevate employee accountability and add an extra layer of protection against any wire fraud schemes. - Employ cybersecurity best practices
In general, many of the same best practices used to ensure the overall cybersecurity of your business can help protect you against wire fraud, too. To keep your business and its sensitive information safe, make sure that your employees know and employ the best practices for staying safe online.
Proudly serving South Carolina since 1933, Arthur State Bank offers accounts and services to meet a variety of financial needs. To help you achieve all your financial goals, the bank offers in-person service as well as a range of convenient digital solutions. To learn how Arthur State Bank can help you with banking needs ranging from checking and savings to retirement accounts, mortgages, other personal loans and more, visit arthurstatebank.com.