How Hackers steal from Your Business: Redirected Payment.
Whether it is your business, the purchasing of heavy equipment, real estate, a boat or even an exocitic car. The moving of big money is targeted by threat actors. Especially if your transaction is digital.
How Does it Happen?
Well, when you are communicating back and forth with the person you are buying the product from you get a false sense of security. At any time a threat actor can take over the role of “payee” and give you his banking information. Since you are most likely doing the transaction digitally through a wire ACH, the payment will go into the threat actor’s drop account. His drop account is a legitimate bank account they used by using a dead person’s identity. From the drop account the threat actor can move your money wherever they want and you will never see it again.
How to avoid it
When you receive the email from the “payee” which provides you the banking information, make sure to check it out. A lot of the threat actors have poor grammar and you can tell something is just off. Call the person directly who you are making the transaction to. Have them confirm everything you were just sent in the email because if you send your hard working money to a threat actor’s drop account you won’t be getting it back. Most banks have a strict policy of not paying you back unless you have Cyber Security Insurance. It might be a hassle but make the call. Spending five minutes on the phone is a lot better than losing two million dollars.