A Reminder from Commerce Bank
Phishing is a common, sophisticated scam, targeting people & businesses that regularly perform electronic payments. The scam is carried out by compromising email accounts through calculated social engineering or computer intrusion techniques to conduct unauthorized transfers of funds. In 2022, the FBI reported that since 2019 there has been a 65% increase in identified global exposed losses attributed to fraud schemes.
As a reminder to stay vigilant:
Keep your emotions in check. Phishers frequently leverage emotions like fear, greed, and curiosity. Look out for emotional triggers like surprising headlines that reference a current event, or thank you emails and unexpected bank notices.
Look for warning signs. Does anything in the email seem strange? Was the email sent by an unknown sender? Was it expected or unsolicited? Are there grammar or spelling errors? If you've answered “yes” to any of these questions, you may have received a phishing email.
Examine the domain name. Some attackers modify domains to catch targets off guard. For example, if the correct domain was www.example.com, the phishers may register “examp1e.com” or “example.co”, hoping you won’t notice the subtle difference. (Links for this example are not valid)
Make sure you recognize the sender’s name and domain. If you don’t recognize the sender, verify the message is legitimate with a quick phone call to a phone number you already have on file.
Never click on a link or attachment that is unexpected.
Establish clear, written policies and procedures for authenticating all payment requests and updates to contact information.
Use out-of-band authentication procedures to verify payment change requests from vendors.