Weekly Tip! Fraudulent Funds Transfers

Weekly Tip! Fraudulent Funds Transfers

Organizations often use email to send their employees invoices that they need to pay. Now, cybercriminals are taking advantage of this process by using fraudulent funds transfer (FFT) scams. In FFT scams, cybercriminals try to manipulate you into transferring your organization’s funds to their bank accounts.

To start an FFT scam, cybercriminals use social engineering to steal an email account from your organization. Then, they use this account to send you an email pretending to be an executive from your organization. This email lists bank account information and states that you need to send a payment to the bank account as soon as possible. If you send this payment, you won’t be paying an important invoice for your organization. Instead, you’ll be sending your organization’s money directly to cybercriminals.

Follow the tips below to stay safe from similar scams:
- Always think before you click! Cybercriminals can use fake invoices to alarm you and trick you into clicking impulsively.
- Never send money to a bank account provided in an email. Instead, navigate to the organization’s official website to submit a secure payment.
- To verify the legitimacy of an invoice, reach out to the person who allegedly sent the email by phone or in person.

The KnowBe4 Security Team
    • Related Articles

    • Weekly Tip! EvilProxy and URLs

      About a week ago, researchers uncovered a new "phishing-for-hire" tool called EvilProxy. The tool sends standard phishing emails to recipients, but it implements some advanced hacking techniques to dramatically increase the odds of taking over your ...
    • Weekly Tip! Student Loan Relief Scams

      The U.S. Government recently announced its plan to give citizens up to $20,000 of student loan relief. This plan requires that citizens submit an application to determine if they qualify for the loan. Cybercriminals are taking advantage of this ...
    • Weekly Tip! Using Attachments

      Phishers aren't really as bright as you might think - they just know how to reuse what works. One of their favorite tricks is to attach a file to an email, and trick us into opening the attachment. While it may appear to be a PDF document or a Word ...
    • Weekly Tip! IT or Cybercriminal?

      Coinbase, a cryptocurrency platform, was the latest victim of a social engineering attack. Social engineering occurs when cybercriminals manipulate you to try to steal your sensitive information. In this recent attack, a cybercriminal sent smishing ...
    • Weekly Tip! Disaster Relief Scams

      When a natural disaster strikes, many people rely on insurance providers for disaster relief to help them pay for damages to property. Unfortunately, cybercriminals can take advantage of this vulnerable situation by manipulating you into sharing ...