05.07.2024 | Posted by Erik
Watch Out for Recent AR Payment Scams
We can’t emphasize the importance of robust security measures in accounts receivable (AR) processes enough. At Axim, an experienced outsourced accounts receivable firm, we’ve encountered a troubling pattern of payment scams targeting companies across various sectors over the past year. These scams disrupt business operations and pose a serious risk to financial security.
Here’s what you need to know to protect your company from falling victim to these deceptive tactics.
Understanding the Scam
Here’s how the AR payment scam typically unfolds:
1. Company email account is compromised: The scam typically begins when a company email account (usually one belonging to your AR department or to an individual who works on AR) is compromised through phishing attacks or brute force.
2. Rules created in the email system: Once the perpetrators gain access, they set up rules in the email system that funnel communications regarding AR out of the main inbox, so the account holder has no visibility into those emails, allowing scammers to operate undetected. This usually happens in one of two ways:
• The original email is removed from the inbox and deleted entirely
• The original email is moved from the inbox to a separate folder
3. New email domain is created: The perpetrators then create a deceptive email domain that closely resembles the original. They often change a single letter in the original domain or add one to it, for example from axim.com to axiim.com. They do this to direct all new communication away from the compromised email account, leaving you and your IT team completely in the dark about what they’re emailing to your customers. And since you cannot access this new domain or email server, it’s impossible to stop the communication. At this point, you will be forced to notify your customer of the scam so they can cease contact from their end.
4. Correspondence with customers to redirect payment: From this new domain, the scammers pose as your company’s AR team and begin corresponding with your customers. They contact them using the same exact names, titles, and email signatures as your actual team. The emails include a request to change the bank account that they send AR payments to, explaining that your company recently changed bank accounts.
5. Receive AR payments in the new account under their control: If your customers follow their instructions and change the bank account, then the perpetrators begin to receive the money intended for AR and steal those funds from your company.
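A customer's AP team or mail gateway can screen for the look-alike domain described in step 3 before acting on a bank-change request. The sketch below is an added example, not Axim's tooling: it flags sender domains that sit one edit away from a trusted vendor domain, and it goes slightly beyond the changed or added letter the article mentions by also catching a dropped letter and two swapped letters. The function names, the trusted list and the sample headers are assumptions constructed for illustration.

```python
from email.utils import parseaddr

def osa_distance(a: str, b: str) -> int:
    """Edit distance counting insert, delete, substitute and adjacent swap."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            best = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb))
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                best = min(best, prev2[j - 2] + 1)  # adjacent letters swapped
            cur.append(best)
        prev2, prev = prev, cur
    return prev[-1]

def sender_domain(from_header: str) -> str:
    """Lowercased domain part of the address in a From header value."""
    _, addr = parseaddr(from_header)
    return addr.rpartition("@")[2].lower().rstrip(".")

def flag_lookalikes(from_headers, trusted_domains, max_distance=1):
    """Return (header, trusted_domain) pairs whose sender domain is close to,
    but not the same as, a domain the company really does business with."""
    trusted = sorted({d.lower() for d in trusted_domains})
    hits = []
    for header in from_headers:
        domain = sender_domain(header)
        if not domain or domain in trusted:
            continue  # unparseable, or an exact match with a known vendor
        for good in trusted:
            if 0 < osa_distance(domain, good) <= max_distance:
                hits.append((header, good))
                break
    return hits

# Constructed sample data (assumption): vendor domains on file and inbound senders.
TRUSTED = ["axim.com", "supplier.example"]
SAMPLE_FROM_HEADERS = [
    '"AR Team" <ar@axim.com>',                     # genuine
    '"AR Team" <ar@axiim.com>',                    # added letter, as in step 3
    '"Accounts" <accounts@suppl1er.example>',      # changed letter
    'Billing <billing@unrelated-vendor.example>',  # unrelated sender
]

if __name__ == "__main__":
    for header, good in flag_lookalikes(SAMPLE_FROM_HEADERS, TRUSTED):
        print(f"LOOKALIKE of {good}: {header}")
```

A hit is a reason to hold the request and confirm it by phone using a number already on file, not proof of fraud on its own.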
Recent AR Scamming Incidents
Several companies that we’re aware of have unknowingly redirected substantial payments before detecting these fraudulent activities. In some cases, banks have flagged unusual transactions, but not all discrepancies are caught so promptly. We’ve seen incidents where two large payments were redirected before the client detected the scam. The common thread in all these cases has been a lack of rigorous verification processes.
Protective Measures Your Company Can Take
To safeguard your business from falling victim to these sophisticated AR scams, we recommend implementing the following measures:
• Two-Factor Authentication (2FA): Enabling 2FA on all email accounts adds an extra layer of security, making unauthorized access significantly more difficult for cybercriminals.
• Regular Monitoring of Email Rules: Periodically review the rules set up in your email system. Any unfamiliar or unauthorized rule could be a sign of tampering and should be investigated immediately.
• Verbal Verification for Bank Changes: Establish a protocol with your customers requiring verbal confirmation for any request to change bank account details. This simple step can prevent unauthorized redirects.
• Educate Your Team: Conduct regular training sessions for your employees on the latest phishing tactics and preventive strategies. Awareness is a powerful deterrent against fraud.
• Outsource AR Management: Partnering with a seasoned outsourced accounts receivable firm like Axim not only passes the workload to a trustworthy team but also enhances your defenses. With a broad view of industry practices and client experiences, Axim’s specialists work closely with you to quickly identify and respond to emerging threats.
Axim’s Role in Mitigating Risks
At Axim, we leverage our extensive industry experience to detect and react to anomalies swiftly. Our proactive approach has helped many clients recover from potential breaches effectively. By staying vigilant and maintaining best practices in AR management, we help ensure the financial integrity of your business.
The threat posed by AR scams is real and evolving. But with strategic preventive measures and a knowledgeable partner, your business can defend against these financial predators effectively. Stay informed and let us help keep your AR processes safe and efficient.