Scam/Fraud Warning Follows Hurricanes; Reminder of How Most Cyber Events Start

As if the toll of natural disasters were not bad enough, the reality today is that criminals use them as a way to perpetrate frauds on well-meaning consumers.  In the wake of Hurricanes Helene and Milton, the federal cyber watchdog issued a warning to watch out for fraud and malicious activity being carried out via electronic means such as text, email, and social media.  The messaging campaigns can either directly solicit donations under fraudulent pretenses or result in the installation of malicious software on the recipient's device if they click links in the message.  

WHY IT MATTERS

Most people read about cyber fraud and think of a shadowy room full of hackers using sophisticated means to steal millions of dollars.  The reality is much less sophisticated, however: most fraud comes about through social engineering.  This means getting human beings to do what humans do - respond to pleas for help, instructions, and communications that otherwise appear to be from friends or loved ones.  

That is just as true in the business setting as it is personally.  We see dozens of “business email compromise” events a year, where a fraudster posing as a vendor successfully induces an accounting contact to send invoice payments to a purported “new bank account.”  Before the fraud is discovered, the bad guys close the account and take the money.  There is seldom any recourse from the bank, which leaves the customer and supplier having to fight it out between themselves to decide who should bear the loss.

Even without a natural disaster, online fraud tends to trend upward toward the end of the year.  Businesses might consider reminding employees of proper email protocol (don't click any unsolicited links or attachments) and customers that payment instructions have not changed.