The Key to Wire Fraud Prevention: Out-of-Band Authentication

We take cybersecurity seriously. That’s why we utilize out-of-band authentication, to help make hacking an account much harder for attackers.

Out-of-band authentication is a process where access to an account requires two signals from two different channels. Attackers would have to compromise two separate and unconnected authentication channels, rather than one.

For instance, if you get an email from a vendor, you should call them using the number you previously had on file and confirm that they sent the email. This is especially true if they are giving you new account information. One example is asking you to send money to a different account than one you’ve used in the past.

Similarly, if you get an email from a co-worker that asks you to send money to a new vendor or changes the account information for an existing vendor, confirm it is real. Walk over to their workspace or call them on their extension to confirm. It’s better to ask questions first than to authorize the payment and regret it.

Anyone who is tasked with purchasing supplies or making payments to vendors could be at risk of receiving falsified payment instructions. These fraudsters are smart; it is important to stay vigilant and cautious to avoid sending money to someone who is attempting to trick you in order to receive funds through fraudulent methods. Here are three common scenarios in which someone may try to trick you into a fraudulent transaction:

Security Breach
Your system has been breached and someone’s email account has been hacked. In this scenario, a hacker has gained access to your systems in order to hijack your email accounts. This means that they have an employee’s login credentials and can communicate with you without the employee knowing. The hacker can also make it appear as if an actual employee is sending an email with instructions on how to distribute funds. Oftentimes, the attackers will monitor your communications, and use the information they gather to send a more convincing e-mail.

Vendor Data Hack
The vendor’s system has been hacked. In this scenario, one of your vendors has been hacked, and the attacker sends you an email from the vendor’s account asking for you to make a payment. As in the first scenario, the email will be from a legitimate account of someone you have communicated with in the past. The attacker will also likely monitor communications and jump in after legitimate emails have been sent back and forth, so that it looks like a continuation of a real conversation with the vendor.

Email Imposter
The vendor’s email is spoofed or imitated ¬– and it looks legit. This scenario is different from the first two because no one has actually been “hacked.” Instead, the attacker makes it appear as if they are one of your vendors. These attackers are smart, so the email will look similar to a real email from your vendor. They may copy the logo and the email address will likely be off by only one or two characters. An example is CEO@company_xyz.com vs. CEO@company-xyz.com.

What’s the solution to each of these scary scenarios? Out-of-band authentication, of course. Contact us to learn more about how we help protect our clients’ accounts using out-of-band authentication.

  • Recent News
    Bridge Bank company logo red black and white
    Bridge Bank Extends Credit Facility to YES Leasing
    Bridge Bank company logo red black and white
    Bridge Bank Announces $240,000 Donation to Support Northern California Communities Impacted by COVID-19
    Bridge Bank company logo red black and white
    Bridge Bank Promotes Bill Wickline to Head of its Life Sciences Group
    Bridge Bank company logo red black and white
    Bridge Bank Extends $10MM Senior Loan to Aura
    Bridge Bank company logo red black and white
    Bridge Bank's Life Sciences Group Expands in San Francisco Bay Area, Hires Derek Scalf
  • Recent Insights
    Protect Your Organization Against Data Breaches and Cybercrime Scams
    Fight Payment Fraud Within Your Organization
    Safeguard Your Business Against Bank Fraud
    How To Sidestep A Business Email Compromise Scam
    southbay
    Regional Intelligence Report Series: The South Bay & Silicon Valley
  • Get Started