Dear Ladies and Gentlemen,
With WaterColor Mnagement as your Crime Insurance insurer, you have a strong partner to stand by you when you need protection from fidelity risks.
But we do not only want to be there for you when a loss has already taken place. It is our aim to protect you and your company from the dangers which may threaten it. For this reason, we would like to warn you about specific fraud scenarios which have been responsible for causing a large number of losses in recent years, some of them quite high.
Scenario 1 – Fraud through criminals assuming a false identity – “Fake President Fraud”
In this type of scam, the perpetrators masquerade as being from inside your firm – usually as the owner or from top management and send an email or fax to an employee who is responsible in the company for carrying out bank transactions, asking them to execute an urgent money transfer. They try to make the employee believe that this is a highly confidential matter which must be kept secret at all costs, and which is vital for the owner or the company. The victims, who on the one hand feel flattered by the special trust shown in them by their superior and on the other are under great pressure due to the alleged importance of the transaction, in most cases execute such transfers without delay. The money is nearly always transferred to foreign bank accounts, often in Asia and Eastern Europe. If the fraud is exposed, the accounts there are almost always already empty or it is extremely difficult to recover the money due to the foreign legal system.
Scenario 2 Fraud through diverting payment flows – “Payment Diversion”
The fraudsters masquerade as business partners or suppliers of the insured company, and manage by giving fake information, to get payments for services rendered or goods delivered. The fraudsters accomplish this by diverting onto the invoice different bank account numbers from those previously listed. Sending a forged notice to the insured company where bank details have been changed and stating that future payments should be made to the new account number, is how this form of fraud functions.
Scenario 3 – Fraud through identity theft – “Fake Identity Fraud”
In this fraud scenario too, the perpetrators masquerade as an existing customer or a new customer of the insured company and send a written order for goods. Plausible reasons are then given for switching the delivery to a divergent delivery address. Since the identity of an already existing firm is used, the fraud victims do not at first smell a rat. The fraud often only comes out when payment does not arrive on time and a reminder is sent to the real customer. When the delivery address is then checked by the police, the premises are found to be deserted - and the goods have of course long since been moved somewhere else.
What can you do?
- Clearly demarcated processes and responsibilities in your company. If it is at all possible, the “four eyes principle” should be introduced for all relevant financial transactions. Set up clear rules to be followed in cases which are out of the ordinary, for instance when unusually high or urgent payments need to be made.
Verify the payment information or the email order. If possible, a call should be made to employees you already know at the customer or to the head office of the alleged customer. For this, do not use the telephone number given in the email, but, for instance, the one in your own internal records or on the customer’s website.
The details given of changes to the bank account data or divergent addresses for the recipients of a payment should similarly be verified by a safe method such as sending a letter or confirmation of the account with calling back to authenticate it.
Encourage your employees to get back to the alleged sender or at least to inform their direct superior if they receive a communication purporting to be from the company’s board which appears unusual in its style or contents or the expressions used, or perhaps even contains spelling or grammar mistakes.
Involving the police – in the event of an attack, you should file charges.
Inform your employees about this type of fraud scenario, make them aware of the danger and put these safeguards in place to deal with it.
This information sheet is intended for your general information only and can under no circumstances be construed as providing coverage. The scope of your coverage can be seen from the Schedule to your Policy.
Do you have any questions? Please do not hesitate to get in touch with us.
Give us a call at 256-260-0412.
With best regards
P.O. Box 1132
Decatur, AL 35602