- Beware of increased phishing and hacking attempts by fraudsters during times of uncertainty.
- Carefully review emails you receive and pay close attention to spot any irregularities.
- Stay up-to-date on the latest scams related to coronavirus and fraud prevention tips at svb.com/fraud-prevention.
In challenging times, SVB reaches out to our clients when we have helpful information to share. There are some new fraud risks you should know about.
Increased risk of phishing and hacking
As we experience the spread of coronavirus, fraudsters attempt to take advantage of the uncertainty by increasing phishing/hacking attempts. Following heightened security protocols is key, especially if you receive a request to update payment instructions for an existing business contact.
To protect your accounts, here are some things that you should know.
Understanding business or vendor email compromise
The intent of this common scam is to prey on the goodwill of your employees. Typically, this scam is triggered by a fraudulent email sent to your company’s payments team. Advise your employees to be on the lookout for the following.
- An email, often appearing to be sent from a legitimate contractor, vendor, creditor or even a senior executive at your company, asking that an urgent payment be made
- An email or forged letter from a vendor, advising that its account numbers have changed and instructing you to update the ACH or wire beneficiary account information
Such messages are often accompanied by requests for secrecy and admonitions that the recipient not discuss the matter with anyone else. Sometimes fraudulent emails may claim that your company has overdue invoices that must be paid immediately — or that the instructions are coming from a finance executive at your company who needs a payment sent right away. In such cases, the fraudster is hoping that a sense of urgency will prevent the employee from questioning the instructions and make a payment to a fraudulent account.
Exploiting the latest coronavirus news and developments
During turbulent times, fraudsters leverage recent news and developments to scam investors out of money. The SEC reports a growing awareness of internet promotions or “research reports” claiming that certain products or services of publicly traded companies can prevent, detect or cure coronavirus and that stock in those companies will dramatically increase in value to a specific “target price.” Investors are urged to be wary of such promotions.
Additionally, a rising number of fraudulent emails are being sent as official communications from health authorities such as the Centers for Disease Control and Prevention and the World Health Organization. These emails include attachments or web links that claim to provide important updates but instead infect devices with malware.
Tips for preventing fraud
- Review emails closely to ensure that the sender’s email address is accurate (e.g., email@example.com vs. firstname.lastname@example.org).
- Beware of fraudulent messages from domain names similar to the real web addresses of health organizations (e.g., who.com vs. who.int).
- Call the contact/vendor at the phone number you have on file to confirm any requests for payment account changes.
- Train employees who process payments to be aware of scammers, and develop internal payment verification procedures so that employees won’t be afraid to double-check “urgent” payments.
- Set limits on online payments and use dual controls so that high-dollar transactions must be reviewed by a second person before they are sent.
Additional fraud prevention reminders
- Keep your personal and business information protected and secure with strong, unique passwords — and change them frequently.
- Be wary of clicking on links in emails or online advertisements, which are the primary conduits of malware and phishing attacks.
- Continuously monitor your account for unusual activity.
- Enable notifications on your accounts to be informed of balance or transaction thresholds, password changes and user profile additions and modifications.
- Use anti-malware software such as Trusteer Rapport, available at no cost to all SVB clients.