Thanks to the internet (LinkedIn, Facebook, public reports, interviews, etc.), fraudsters are able to obtain a lot of information about your company and your staff, known as social engineering. The situation has been further exacerbated by teleworking and the opportunity for some employees to browse the internet more intensively and reply to surveys or other requests.
In this context, a certain degree of confidence will be built up between the employee and the fraudster. Finally, without the slightest suspicion, the employee will give in to requests that have become plausible through the accumulation of details and the psychological control exercised by the scammers.
In some cases, the targeting and the content of certain phishing emails is so effective that clicking on an attached document containing a virus or consulting a link leading to a fraudulent website will enable cyberpirates to take control of an employee’s computer or obtain valuable information that they can use to prepare a large-scale attack.
Furthermore, taking advantage of lockdown measures linked to COVID-19, fraudsters’ techniques could become more varied leading to fears for example, of an increase in the number of false invoices sent out.
Experts and authorities are also noting a rise in cases of identity theft, where fraudsters use the name and reputation of big companies to order various goods and divert them for their own benefit. The risk is even greater for SMEs, which are usually “less alert” or less cautious when they check out new unsolicited and providential customers, seeing this as an opportunity to offset the fall in their sales during the health crisis.
Fraudsters stop at nothing and do not hesitate to buy domain names that are very similar to the official websites of big companies or institutions, or even to create fraudulent transport companies to take goods to an address other than that given on the order form.
Practical preventive actions are essential so as not to jeopardise the continuity or even the survival of your company’s economic activity, because the sums misdirected sometimes amount to several million euros.
In this context, it is vital that private and public organisations, companies of all sizes and in all sectors increase the warnings and staff awareness campaigns. This can be done, amongst other things, by means of specific (digital) training courses or by consulting the website
Despite the new techniques used to detect fraud by artificial intelligence and the customised exercises created by internal or external services to test vigilance among staff, human error can never be ruled out.
The following basic reflexes must be observed:
The four-eyes principle must be observed for any action that could cause a financial loss.
Euler Hermes, world leader in credit insurance and specialist in warranties and securities, also has sound experience in covering risks linked to fraud.