The 3 things to do right now if your company has been a victim of cyberfraud

The 3 things to do right now if your company has been a victim of cyberfraud

When a business owner or corporate counsel contacts us concerned they are a victim of a scam, they’re usually in a panic — and understandably so. Cybercrime can be malevolent, with the potential to do lasting damage to your clients and reputation. How?

Here are some examples I have seen:

A vanishing vendor: A software developer realizes the overseas vendor they’ve sent more than $2M to over the last 90 days does not in fact exist.
A hell of a holiday: A vacation rental company is horrified to learn a home was destroyed by a guest whose online profile turned out to be fake.
A diverted down payment: A couple about to close escrow on their dream home receives updated wire transfer information, ostensibly from their title company via email. They unknowingly wire their entire down payment to a fraudulent company.

As you can see, these scams take different forms depending on your business. As an investigator experienced in untangling these cases, there is one common denominator — the level of concern I hear in people’s voices when they call. This is not something that happens to them every day, and it’s hard to know what to do first.

We help clients in situations like this figure out who organized the fraud and attempt to locate where the money is now. Meanwhile, here are the three things you should do to enable a smooth investigation and control the damage to your organization:

1. Involve the right people.

In general, you’ll want to contact your general counsel immediately. This is usually the person who first calls us, and they need to be included from the get-go.

Prepare for disinterest from law enforcement. In many jurisdictions, if your loss is less than $100,000, it’s possible but unlikely that law enforcement will get involved.

Outside of this small circle, keep it confidential for now. You do not want to disclose details that only the perpetrators know, which can compromise the investigation. Additionally, disclosing a breach can impact your company’s reputation and internally, your employee morale. If information must be disclosed, work closely with your public relations firm to do so.

2. Document everything.

Don’t immediately accuse people. Instead, create a list of employees who may have had a role in the breach. Consider who has access to the money or information that was compromised. Be open to a potential internal investigation.

Document everything associated with the fraudulent transaction. Make a list of names and emails the perpetrator has used. Be prepared for us to do deep searches into those handles. Create a list of all relevant bank account information and corporations. We will attempt to look behind who controls fake corporations and conduct an investigation of those people that might connect back to your company.

3. Prepare for an investigation.

Sometimes, forensics will be performed on your technology systems. Your hard drives may be mirrored, and other procedures may be performed to ascertain the extent and possible cause of the breach. Communicate with affected employees on a need-to-know basis.

Understand that if your company has found itself in the crosshairs of a cybercriminal, you may be the victim of a larger crime. What happened to you may have happened to others – or it might be just one instance of a larger problem you’ve just now noticed.

Unfortunately, cybercrime is a large and growing problem in the U.S. According to the FBI’s 2016 Internet Crime Report, reported losses exceeded $1.3 billion in 2016, an increase of 24 percent. And that’s reported losses — officials estimate only 15 percent of cybercrime victims ever report their crimes to law enforcement. The most profitable crimes were business email compromise (BEC) attacks, resulting in more than $360 million in losses last year.

If you suspect you or your company have been the victim of cybercrime, call us today at 415-905-0462 or email us at [email protected].