Treasury Strategies shows how proper planning and protocols can stop business email compromise in its tracks.
But forward thinking and the implementation of a multistep payment protocol, this company dodged a very expensive bullet. New York City-headquartered Rockefeller Group, a property development, management and investment company, was hit last year by a highly sophisticated business email compromise (BEC) scam that could very well have succeeded if measures weren’t thought of ahead of time.
As described in a recent webinar arranged by Treasury Strategies, a treasury executive at Rockefeller received an email purportedly claiming the company’s CEO was involved in confidential negotiations to acquire a company in the UK and requested an $8 million wire transfer. Sam Pallotta, the treasurer, explained that the request was meticulously constructed and appeared to be coming from the CEO’s email account, even mimicking his writing style and targeting an assistant treasurer on a day when Mr. Pallotta was on vacation. What’s more, the company had a history of acquisitions in the UK.
Noting the importance of discretion for the deal, the email specifically instructed the executive to tell no one else of the request. Mr. Pallotta said it is uncertain how the fraudster knew he was out of the office, but he suspects his Outlook calendar was hacked. “The fraudulent payment may have been made were it not for the payment protocols that our organization has in place to ensure all wires are legitimate and accurate,” Mr. Pallotta said.
He then provided a lengthy list of protocols, noting the primary one leading to the discovery of the scam required signoffs on every payment by four employees on physical and electronic forms; and when a wire transfer is over $1 million the CEO must sign for it. “Knowing the CEO would eventually have to sign the physical payment form, the executive walked down to the CEO’s office to discuss the payment with him directly, and at that time we realized this was a fraud attempt,” Mr. Pallotta said.
Click here to access the full article.