Be wary of payment requests via email
Criminals are targeting business email accounts to steal contact information and company-branded signature blocks. They use the information to create convincing emails (whether they be legitimate email accounts of victims, spoofed emails, or look-a-like domains) to target accounts payable and/or human resources employees. The scammers will often send falsified invoices or request payments be redirected to illegitimate accounts.
Don’t take the bait! Be cyber smart by following these steps to prevent fraud:
Procedural measures
- Always follow proper payment handling procedures. Do not accept payment requests outside of established and verified methods.
- Always use a known phone number to confirm account change requests. Do not call a number provided via email.
- Handle payments in dual control where transactions are verified before initiation and during approval.
- Beware of red flags such as false urgency, confidential requests, or unrecognized email domains.
- Question unusual transactions – it’s better to be safe than sorry.
Technical measures
- Utilize multi-factor authentication and shield networks from unauthorized access. Learn more about multi-factor authentication.
- Regularly update systems, back up important data and test backups.
- Do not plug external devices into USB ports.
If you suspect you’ve fallen victim to fraud, notify First National immediately and file a detailed complaint through the FBI’s Internet Crime Complaint Center.