
Enforcing your cyber policies is a must for fraud prevention

Consequences should be enforced if employees don’t follow your policies and procedures, and cyber insurance, though expensive, should be considered.

The first step in wire fraud prevention is for firms to have controls in place to protect the firm, its portfolio companies, and investors, according to Michael Brice, president of BW Cyber, speaking on a recent webinar entitled How to Avoid Wire Fraud in the Alternative Assets & PE Industry.

Brice advised firms to have written policies and procedures relating to wire fraud, and have employees sign off on those policies. There should also be training on the cyber policies and procedures, and consequences if employees do not follow the rules. Trained employees are better able to spot potential wire fraud, making it more likely the fraud can be prevented.

One key component of a cyber policy is a requirement that all wiring instructions be confirmed via voice and a record of all transfers be kept.

“It’s important to understand that email cannot be trusted,” Brice warned. “Also, don’t assume if someone emails you that they’ve confirmed wiring instructions that they’ve actually confirmed them. It has to be by voice and on record.”

The wiring policy should also state that if there’s a change to wiring instructions, the same process should take place: confirm verbally and document it.

There are also various technical safeguards firms can use. Simply keeping operating systems and software up to date, installing security patches and updates as soon as they are available, installing appropriate firewalls and malware protection, and having administrative access controls can go a long way to protecting a firm.

Report quickly, get insurance

Brad Carpenter, supervisory special agent in the FBI’s Cyber Division, advised firms to report fraudulent activity quickly in the event of an incident.

One way to report incidents is through the FBI’s Internet Crime Complaint Center, IC3.gov. From there, the incident will be shared with FinCEN and the firm’s bank to try to determine where the money is traveling to. It will also help to get an immediate freeze on the payment.

If all else fails, Brice advised firms to have a safety net to mitigate losses: cybersecurity insurance and crime insurance. There are generally four types of fraud related to cybersecurity insurance: social engineering, invoice manipulation, computer crime and funds transfer fraud. However, Brice said that because cybercrime and wire fraud are so prevalent, it’s getting harder and more expensive to get cybersecurity insurance.

Brice suggested adding crime insurance as extra protection for anything not covered by cyber insurance.

Typosquatting on the rise

Cybercriminals are more often using ‘typosquatting’ to trick employees at private equity firms into transferring money, highlighting the need for tighter cybersecurity controls and training.

“Typosquatting” involves a scammer registering a domain that looks very similar to the real domain, often only changing or dropping one letter, and using that domain to try to fool people into sending money or sharing sensitive information that would give a hacker greater access to the firm’s network.

Brice said there is software available to alert firms of typosquatting incidents.

“These alerts tend to be highly correlated with an indicator of compromise. But [they] help keep them from going after you, your investors, or your trading partners,” Brice stated.
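The one-letter lookalike check described above, as an added example that is not from the article or from any product Brice refers to. It goes slightly beyond "changing or dropping one letter" by also catching an added letter or two swapped letters; the allow-list and every domain shown are constructed placeholders.

```python
# Added example: flag sender domains one edit away from a trusted domain.
# TRUSTED and SAMPLE are constructed placeholders (reserved .example TLD).
TRUSTED = {"northbridgecapital.example", "custodianbank.example"}


def edit_distance(a: str, b: str) -> int:
    """Edits needed to turn a into b: change, drop, add, or swap adjacent letters."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cost = 0 if ca == cb else 1
            best = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + cost)
            # Two adjacent letters swapped counts as a single edit.
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                best = min(best, prev2[j - 2] + 1)
            cur.append(best)
        prev2, prev = prev, cur
    return prev[-1]


def sender_domain(address: str) -> str:
    """Domain part of a bare address such as 'ops@firm.example'."""
    return address.rsplit("@", 1)[-1].strip().lower().rstrip(".")


def classify(address: str, trusted=TRUSTED, max_edits: int = 1):
    """Return (verdict, matched_domain); verdict is trusted, lookalike or unknown."""
    domain = sender_domain(address)
    if domain in trusted:
        return "trusted", domain
    for good in sorted(trusted):
        if edit_distance(domain, good) <= max_edits:
            return "lookalike", good
    return "unknown", None


def review(addresses):
    """Addresses that imitate a trusted domain, paired with the domain imitated."""
    hits = [(a, classify(a)) for a in addresses]
    return [(a, good) for a, (verdict, good) in hits if verdict == "lookalike"]


SAMPLE = [  # constructed sender addresses
    "ops@northbridgecapital.example",   # exact match
    "ops@northbridgecaptal.example",    # one letter dropped
    "wires@custodianbamk.example",      # one letter changed
    "ops@northbrigdecapital.example",   # two letters swapped
    "news@vendor-newsletter.example",   # unrelated domain
]
```

A "lookalike" verdict is a prompt to hold the message and confirm by voice; an "unknown" verdict only means the domain resembles nothing on the allow-list.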

Business email compromise scams remain the most common ways criminals attack PE firms. These frauds account for the largest dollar amount of all cybercrimes, with more than $2.4 billion reported to the FBI in wire fraud losses last year, said the FBI’s Carpenter.

The rise in virtual meetings has also given criminals a new tool to get reconnaissance on firms to use in their social engineering fraud schemes.

“Scammers are using a variety of techniques to trick private equity employees into falling for their schemes, so you have to know what to look out for and have policies that would help prevent or mitigate wire fraud,” Carpenter noted.