The rise of cybercrime has made businesses more vulnerable to sophisticated scams, particularly payment redirection scams. Cybercriminals are leveraging advanced technology to craft realistic-looking phishing scams, duping business owners into making fraudulent payments. Payment redirection scams involve tricking businesses into sending funds to the wrong account, typically by impersonating a legitimate supplier or vendor.
So, what exactly is a payment redirection scam? It’s a form of fraud where attackers intercept communication between a business and its suppliers or clients and then redirect payments to their own accounts. These scams are particularly effective because they exploit trust and often mimic legitimate communication channels, making it difficult to detect until it’s too late.
How Payment Redirection Scams Work
Cybercriminals use a variety of tactics to carry out payment redirection scams. Typically, it begins with a phishing email, designed to look like it’s coming from a trusted supplier or client. The email often contains an attachment or link, urging the recipient to update payment details or review an invoice.
Once the unsuspecting recipient opens the attachment or clicks the link, malicious software is installed, giving the scammer access to email communication between the business and its vendors or customers. The cybercriminal then monitors the communication, waiting for a large transaction to be processed. When the time is right, they intercept the transaction and send a spoofed email—using slightly altered email addresses or domain names—requesting that the payment be redirected to a different bank account.
Since the email appears to be from a trusted source, many business owners or finance departments proceed without second-guessing the request, leading to significant financial loss.
How to Protect Yourself
Fortunately, there are steps businesses and consumers can take to protect themselves from falling victim to payment redirection scams:
- Bank Account Verification Checks: Before processing any payments, especially if the payment details have changed, businesses should run a bank account verification check. This will confirm that the bank account matches the supplier or customer’s registered details, helping to prevent fraudulent transactions.
- Credit Authorization Checks: Implementing credit vetting and authorization checks can help businesses verify the legitimacy of suppliers or clients before entering into financial agreements. These checks can also alert businesses to any red flags associated with suspicious activity.
- Double-Check Email Addresses: It’s essential to verify the email addresses on any correspondence, particularly those that contain payment instructions or invoices. Phishing emails often use email addresses that are nearly identical to legitimate ones, but may contain minor differences, such as “yourclientname@compny.co.za” instead of “yourclientname@company.co.za.”
- Avoid Opening Suspicious Attachments: If an email seems unusual, even if it’s from a familiar source, avoid opening attachments or clicking links until you’ve verified the authenticity of the sender. When in doubt, call the sender directly to confirm that the email is legitimate.
- Use Two-Factor Authentication (2FA): Implementing 2FA on business email accounts adds an extra layer of security. This ensures that even if a cybercriminal gains access to your login details, they’ll be unable to access your email account without the second form of authentication.
What to Look Out For
To stay ahead of cybercriminals, it’s important to be aware of the common warning signs that may indicate a payment redirection scam. Here’s what to watch for:
- Spelling or Grammar Errors: Many phishing emails contain spelling mistakes or grammatical errors that can give them away.
- Incorrect Sender Email Address: Look closely at the email address of the sender. As mentioned earlier, scammers often use slight alterations to trick you into thinking it’s a legitimate contact.
- Urgency or Pushy Language: Fraudulent emails often pressure recipients to make payments quickly, using language that creates a sense of urgency.
- Threatening Language: Be wary of emails or calls that use threatening or aggressive language regarding overdue payments. Scammers use these tactics to force quick decisions.
- Slightly Incorrect Details: Even a minor discrepancy in details like the company name or account information can be a red flag. Always double-check these details before proceeding with any payment.
Conclusion
In today’s digital world, businesses must stay vigilant to protect themselves against payment redirection scams. Implementing verification checks, such as bank account verification and credit authorization checks, can go a long way in safeguarding your business from fraud. These simple steps help ensure that payments are going to the correct recipient, reducing the risk of financial losses due to cybercrime.
How MarisIT Can Help You
MarisIT is dedicated to helping businesses protect themselves from the threat of fraud. Our reliable and accurate credit vetting and scoring solutions enable businesses to make more informed decisions, improve efficiency, and safeguard their operations against the ever-evolving landscape of cyber threats.
If you’re looking for a trusted partner in credit vetting, contact the MarisIT team today to get started with our Web Services platform. We’re here to help your business stay secure and thrive in today’s fast-paced world.