Executive impersonation has become increasingly common and can be an extremely costly fraud to overcome. Unfortunately, it has become an easy feat for hackers. We’ve previously discussed what executive impersonation is and what forms it can take. Now, let’s look at what you can do if you find yourself a victim of this fraud.
Upon discovery, the fraud must be immediately investigated. Here are the most important questions you should answer:
- Which employees were involved in the breach?
- How did the breach happen? What internal controls did not operate properly?
- How much money or data is involved?
- When did the incident happen? Was it a one-time occurrence, or multiple happenings?
- What steps must you take to limit the damage?
- Are all existing systems (email, etc.) safe to use?
Management also needs to address the following issues:
- Does the account need to be frozen?
- How can the misdirected funds be recovered, if at all?
- What are the legal obligations regarding informing stakeholders?
- Should a claim be submitted through cyber-insurance policies?
- How does the company control any risk to its reputation?
- Is there any potential liability to third parties?
According to the Association of Financial Professionals, the following are important steps you can take to hopefully recover funds:
- Immediately report the fraud to the bank from which funds were fraudulently transferred. Wire transfers are not always instantaneous, especially if a large sum of money is involved. This could give both the victim and its bank time to cancel or unwind a fraudulent transfer. Companies that find and report fraudulent activity to their banks quickly are more likely to recover the money.
- Report the fraudulent conduct to law enforcement agencies in the jurisdiction to which the funds were transferred, if that information is available. Victims should contact any known agencies at the same time as they contact their bank, as local police may be able to freeze the account receiving the stolen funds, which may prevent them from being withdrawn or further transferred.
- Inform your company’s in-house counsel of the loss. They will need to determine if the loss is covered by the company’s existing insurance policies. If the loss is covered, promptly inform the insurance company of the loss to ensure timely compensation under its policies. Finally, obtain local counsel in the jurisdiction where the funds are. Local counsel will be able to advise on how to recover the stolen funds—for example, starting a civil suit to obtain a freezing order.
- Provide local law enforcement officials and attorneys with detailed information about the fraud and related wire transfers, including such items as any email correspondence with the fraudsters and wire confirmations showing the name and bank accounts of the recipients.
Stay tuned for our next post, in which we’ll discuss ways your company can protect itself against this type of fraud.