The current hot topic that you may have heard of is cyber crime and fraud that targets construction companies. The bad guys can trick an employee into clicking a link that plants malware on their network. This allows them to monitor the email traffic and then submit a fraudulent email directly to one of the construction customers asking them to divert a large invoice payment to another account. This has been identified as a growing national trend.
Although this particular phishing attempt is targeted at the building trade, there are many variations. Here are a few steps you can take to safeguard your business regardless of the type.
- Confirm requests for transfers of funds by using phone verification as part of a two-factor authentication and verify/use previously known phone numbers.
- Carefully scrutinize all email requests for transfer of funds.
- Create an email rule to flag email communications where the “reply” email address is different from the “from” email address shown.