BEWARE Business Email Compromise Schemes

Cyber criminals seem to be ever increasing their attacks and taking advantage of individuals and businesses in more sophisticated ways. With increased media attention and the amount of money spent each election cycle, campaigns and PACs are at risk.
One type of sophisticated attack campaigns and PACs need to be aware of is something called a business email compromise scheme. There has been a growing trend of individuals impersonating employees or vendors in the attempt to gather bank, personal, or other important information that can then be used to try to request fraudulent payments, such as a wire payment in which there is little to no way to recover the funds once sent. These types of attacks are very sophisticated in their use of social engineering and the time they spend studying their targets – which can last months. According to the FBI, there have been $26 billion in losses due to this type of attack in the last 3 years.
CFS has seen political vendor emails compromised and fraudulent payments requested. Our safeguards stopped it. CFS has multiple safeguards in place to help protect our clients’ money. Some of our safeguards include:
FEC Safe Harbor – In accordance with the safe harbor provisions, all checks over $1,000 require two signatures. CFS actively abides by and has instituted the safe harbor rule in our internal processes.
Multiple Approval Levels - Any payments on behalf of our clients, no matter the amount, go through multiple levels of approval, including separate approvers from the individual who initially entered the payment request.
Two-Factor Authentication (2FA) – If an account supports this feature, then our team makes sure it is turned on. 2FA typically requires a secondary verification on top of a password, such as a texted security code.
Knowing Our Clients – Our team of compliance professionals are constantly interacting with and getting to know our clients. We understand our clients, their staff, how they communicate with us and each other, and even what types of things they typically buy. Because of this close and direct relationship, we can better tell when something seems a little “fishy.” Or in this case “phishy.”