Introduction
The Association of Certified Fraud Examiners 2024 Report to the Nations lists 21 different fraudulent disbursement schemes. But fraudsters and scammers continue to find new ways to steal your money. Here, we discuss one that doesn't neatly fit any of the categories. This is an actual scam we read about online. All names are fictional.
The Scam
Lisa, the CFO of Arbor Automotive Group, receives an email asking for payment on an overdue invoice of $78,500. The email includes what looks a reply from Marty, the CEO, apologizing for the delay and saying they will ask his CFO to pay it immediately.
The scammers tried to look legitimate: they opened a bank account and registered the business with the state. The email looked like it was real.
How This Scam Fell Apart
The scammers made the mistake of sending this to an organization with strong processes and controls. Here were the red flags:
The scammers used Marty's CEO's real email address. Lisa double-checked with the Marty that he had sent the email, giving him the recipient's email address and the date and time sent. Marty checked his Sent Items folder and didn't find it there. He wasn't familiar with this vendor, either. These were the first and second red flags.
Lisa is now suspicious. She does a vendor check in their accounting system and doesn't see the purported vendor. She checks the business's state registration and sees the business was registered after the date the business claims to have performed services for Arbor Automotive. These were the third and final red flags.
The Scammers Got Greedy
Perhaps the scammers biggest mistake was asking for $78,500. The amount was big enough that Lisa, the CFO, decided to verify things before issuing payment.
Imagine if the scammers asked for a much smaller amount, like $4,500. This might have been below a level that would have merited serious attention from the CFO or accounts payable.
Arbor Automotive Group Was Prepared
Yes, the scammers got greedy, but Arbor had strong procedures in place.
The unique part of this scam was including the purported email thread where the scammers had included what appeared to be a response from the CEO. It seemed odd to Lisa that Marty, the CEO, had not included her on the reply to the scammers, which made her suspicious.
Even if Lisa had not gotten suspicious about the email, she would have caught it when trying to enter the invoice for payment. Arbor Automotive had policies in place that vendors were added to the accounting system before entering into an agreement for service.
Are You Prepared?
What policies and procedures do you have in place to reduce the risk of scammers stealing your assets? We can help you.