ARTICLE
NADA has received a report of a dealer receiving "phishing" emails containing fraudulent wire instructions for payments to vendors or other parties. Dealers should be aware that perpetrators of scams like this have become very sophisticated. An email providing bogus payment instructions may appear to be from a recognized email address (potentially even the email address of a person within your organization) and it may be quite convincing. The fraudulent email may also include a PDF or other form of attachment that is virtually indistinguishable in style and format from legitimate documents used by a party with whom you do business. Because of the level of sophistication, you should not assume that email messages pertaining to financial transactions are legitimate. With this in mind you and your employees should be aware that: Payment account, address or a phone number provided in an email may not be legitimate A link within an email may direct you to a login screen or other web page that appears legitimate but is not If you reply to an email, you may be sending information to scam perpetrators. What can you do to reduce your chances of being victimized by this type of fraud? At a minimum, if you receive an email or other communication relating to a financial transaction, particularly an email providing instructions for making a payment, you should have someone place a phone call to a known individual with the payee using a known valid phone number to confirm that the instructions are legitimate.
NADA has received a report of a dealer receiving "phishing" emails containing fraudulent wire instructions for payments to vendors or other parties. Dealers should be aware that perpetrators of scams like this have become very sophisticated. An email providing bogus payment instructions may appear to be from a recognized email address (potentially even the email address of a person within your organization) and it may be quite convincing. The fraudulent email may also include a PDF or other form of attachment that is virtually indistinguishable in style and format from legitimate documents used by a party with whom you do business. Because of the level of sophistication, you should not assume that email messages pertaining to financial transactions are legitimate. With this in mind you and your employees should be aware that:
What can you do to reduce your chances of being victimized by this type of fraud? At a minimum, if you receive an email or other communication relating to a financial transaction, particularly an email providing instructions for making a payment, you should have someone place a phone call to a known individual with the payee using a known valid phone number to confirm that the instructions are legitimate.