Stay vigilant against cyberattacks

Dependency on digital communications has become widespread, and this certainly holds true within treasury and finance functions. With nearly all organizations now employing remote working arrangements in response to the pandemic, the scale and extent of the remote environment place unprecedented pressure on internet, remote access, and connectivity infrastructure. Now more than ever, organizations need to build their cyber resilience.

Payments Fraud & Cyber Incident Response — Speed is of the Essence

Since the start of the pandemic, there has been a proliferation of COVID-19 themed phishing and spear phishing campaigns, man-in-the-middle (mitm), malspams, ransomware, distributed denial of service (DoS), and fraudulent websites. Cybercriminals are becoming increasingly creative in seeking access to networks and finding new ways to exploit users and technology to access passwords, data, and confidential information. Current statistics highlight that cybercrime has increased significantly due to the COVID-19 pandemic and other major events, and the vast majority of cyberattacks deploy social engineering methods, often delivered by email.^[1]

Business Email Compromise (BEC) continues to be a key source of cyber incidents, responsible for attempted or actual payments fraud attempts, which could provide a direct monetary threat to any organization. According to the 2020 AFP Payments Fraud and Control Report, Accounts Payable and Treasury departments are most vulnerable to being targeted by BEC fraud.^[2] On April 6, the FBI published a press release suggesting BEC using COVID-19 themes will increase.

BEC scams typically target individuals who perform fund transfers. The fraudster impersonates a normal business contact and requests funds be sent to a new or alternative account. The cybercriminal can either compromise a legitimate email account or create a spoofed version of the account in order to convince the victim. COVID-19 is a common rationale used for this type of fraud because it can provide a sense of urgency to victims and a logical explanation for account changes.

© Citibank, N.A., November 2020

We encourage you to remain vigilant of suspicious activity, and consider the below best practices to minimize your organization’s risk:

• Train Staff to Identify and Mitigate Risk

Ensure that your staff know their role in response to fraud and cyber events. In the current environment, we urge clients to beware of emails that claim to provide information on COVID-19, as these may be sent by cybercriminals to entice recipients to open malicious links or attachments.

In addition, staff should always call on a previously known phone number to verify payments instructions received via email. Citi’s Guidance on Combatting Fraud  is a good resource to help prepare your team to spot red flags and mitigate risk.  We recommend clients review their incident management processes in light of many changes to work environments in response to COVID-19.

• Combat Payments Fraud

In a recent article, we shared suggestions to help combat payments fraud. Along with ongoing communication, training, and strengthening internal processes, it is critical to work closely with your banking partners to implement best practices, such as segregated payable and receivable accounts, and banking fraud protection and detection tools, including Automated Clearing House (ACH) Debit Blocks and Filters, and ACH and Check Positive Pay with Payee Name Verification. It is also important to evaluate and consider electronic or automated payment methods as an alternative to paper, to help reduce fraud risk.

• Schedule a Relationship Review with Your Bank

In a recent article, we suggested topics to discuss at your Relationship Review, including your organization’s security setup and related services, such as: account rationalization, system user entitlement / administrator review, and fraud prevention.

• Increase your online security

To maximize your online security, combine fraud protection tools and services from your bank provider with employee training on risk mitigation:

  © Citibank, N.A., November 2020

• Secure employees’ remote-work environment

With residential internet via consumer services providers becoming the primary way for treasury and finance staff to connect to business networks, cyber criminals are exploiting network weaknesses and penetrating system defenses. As it is common for employees to overlook basic controls when working from home, our cyber security experts suggest educating your employees on how to make their remote-working environment more secure. Consistently remind employees how to implement suitable secured arrangements in their "home" workspace in case of potential cyber-attacks and avail them of support. This will help ensure the business continues to operate as efficiently and safely as possible.

 © Citibank, N.A., November 2020

One of the best offenses is a good defense. Prevention, detection and rapid response to cyber security attacks extend beyond technology to encompass people and processes. It is important for treasury offices to conduct a review of their existing process and assess what is needed to effectively prevent and mitigate cyber security threats in light of recent market disruption.

To discuss strategies to help mitigate risk and strengthen your cyber security, please contact us.