The scenario: You receive a note froman important vendor directing you to immediately update the wire transfer account numbers for their accounts because of a data breach they have sustained. What to Do: RED FLAGS SHOULD ALREADY BE GOING OFF.
According to our friends at Citadel Information Group, here's what you should be thinking: Implement very strong controls on wire transfers Assume all email or fax requests from a vendor to change bank accounts are fraudulent. Assume all email or fax requests from the company President or others are fraudulent. Assume all email or fax requests to set-up a new vendor are fraudulent. Pick up the phone, call the party in question and verify the request is legitimate.