Protecting your Business from Wire Fraud

In today’s digital age, wire fraud is unfortunately becoming all too common, especially among businesses. As a recent victim of this tactic, I want to share my experience — along with some best practices — to help fellow Chamber members protect themselves from the same fate.

Not long ago, my insurance agency fell prey to a sophisticated phishing scheme that cost us $6,000. The scammer managed to capture my email format and use my name, creating a false sense of trust. They crafted an email that appeared as though it was sent by me, prompting our accounting department to make a wire transfer they believed was legitimate. Luckily, we had fraud coverage on the agency’s business insurance.

In another, even more distressing incident, a client wired us $25,000 based on an email I had previously sent. The fraudster altered the bank account details and manipulated the email to make it appear authentically mine. Fortunately, both the client and our agency were able to intervene in time and recover some of the money. However, not every story ends on a positive note. The consequences of these scams can be devastating — not just financially, but reputationally as well.

We reported both incidents to the FBI and local police.

Understanding how these scams operate is the first step in safeguarding your business. Scammers often rely on social engineering techniques, using information gathered from social media, websites and networking activity. They then create emails that appear legitimate, complete with your contact details. Because of this, it’s essential to be mindful of what information you share publicly and to approach all financial requests with caution.

Strategies to avoid wire fraud:

Verify email addresses. Always double-check the email address of anyone requesting financial information or money transfers. Phishing attempts often come from addresses that look nearly identical to legitimate ones, with small differences that are easy to overlook.

Implement confirmatory processes. Before executing any wire transfer, establish a protocol that requires verification through a second method of communication. For example, if you receive an email requesting a wire transfer, follow up with a phone call to a known, trusted number.

Educate employees. Conduct regular training sessions so employees understand the warning signs of phishing and wire fraud. Encouraging vigilance and creating a culture of caution can significantly reduce risk.

Use security software. Invest in reliable security tools and email filters that help detect suspicious activity. Firewalls, encryption and up-to-date antivirus programs are important first lines of defense.

Monitor accounts. Regularly review your business bank accounts for unauthorized transactions. Setting up alerts for large or unusual activity can provide early warning and limit potential losses.

Know what to do if you’re targeted. If you believe fraud has occurred, act quickly. Contact your bank immediately and report the incident to local law enforcement. The faster you respond, the better your chances of recovering funds.

Consider cyber insurance. Cyber insurance policies are available through many carriers and can help protect businesses from losses related to fraud and cybercrime.

While scams like these can feel overwhelming, staying informed and taking proactive steps can significantly reduce your risk. By sharing experiences and knowledge, we can work together to build a safer and more resilient business community.

Paul D. Van Engelenhoven, CIC, CRM, AU, is owner and president of Hammerstone Insurance Group, a division of Van Engelenhoven Insurance Solutions LLC. Paul and his wife, Ana Proano, own and operate three insurance agencies in Sioux Falls. Together, they bring 39 years of industry experience and specialize in commercial and personal insurance for more than 500 clients across 24 states.