Fraudsters increasingly attack the finance department of companies, thus capturing millions. Since 2013 250 fraud cases are known, where overall 150 million Euros have been stolen.
The procedure, by which the fraudsters act, is quite simple: They hack mail accounts, intercept emails with invoices and write new emails in which they tell that the bank details have been changed. Therefore, the money will be transferred on the bank accounts of the fraudsters.
A second tactic is social engineering. The fraudsters manipulate employees such as calling them and telling them they are a colleague or CEO/CFO and order to transfer a large sum. The problem: In both companies an open item can be found in the accounting.
Proposed solutions of the state criminal police agency Baden-Wuerttemberg:
- Communication within the company
- If an e-mail seems to be weird, simply enquire on the phone
- Keep the software up-to-date
- The e-mail signature should contain, that changed bank details would never be sent by e-mail
- Companies should prepare for claims and act fast in a case of emergency
The actual solution of this problem is called smart contracts. These smart contracts – based on the Blockchain technology – would not allow these fraud cases. Because on every single bank transfer the hash value of both parties would be compared and if there is an incompatibility no transaction would take place.