Pub. 1 2012 Issue 5

14 l e a d i n g a d v o c a t e f o r t h e b a n k i n g i n d u s t r y i n k a n s a s SECURITY OFFICER’S BY-WORD Watch For Fake Faxed Wire Transfer Requests Charles M. Towle, Senior Vice President, Kansas Bankers Surety Company In the same month, another bank received a fax request from a good business customer to wire funds to a person in another country. The fax was from a customer that did wire transfers occasionally. It had the customer’s normal fax cover page and it appeared to have a valid signa- ture of the customer. The wire transfer clerk compared the signature on the fax to the signature on the signature card on file. The clerk checked the customer’s account for available funds. Then the clerk called the customer for verification of the fax. The customer verified the fax, but the customer’s voice did not seem familiar. The clerk then called the customer again using the phone number from the bank records rather than the phone number on the faxed wire request. The clerk immediately learned that the fax was a fake. The wire transaction was not initiated. Upon further investigation, the customer remembered that in response to a recent request he had faxed to the IRS an updated information sheet about his bank account for his payroll tax payments. It appears that the crook had used this phony request to obtain the information used to create the fraudulent wire request. Abank should always caution its customers against giving informa- tion about their account to anyone over the phone or by fax. However, customers will still, on occasion, be tricked into giving out the information. Any time a bank receives a request from a customer to wire funds, the bank should carefully verify the information with the customer. Verifications done by phone need to be done using the customer’s phone number from the bank records, and not from the fax cover page. If the customer does not have a contract with the bank for wiring funds, the bank should either refuse to wire the funds or use extreme A bank’swiretransferdepartmentreceived a fax cover sheet from a well-known customer along with an attached request to wire $38,425.00 from their checking account. The wire transfer clerk compared the signature on the fax to the signature on the signature card on file. The clerk checked the customer’s account for available funds and then wrote up the wire transfer form. A second employee verified that all of the wire transfer information had been entered correctly and the wire was sent as requested to a New York bank for benefit of a bank in Russia for benefit to an individual. Three days later the bank received a call from the business customer asking why his account had been debited. The bank then learned that the fax withdrawal was not sent by the customer and was a fake. The bank attempted to reverse the wire transfer only to find that the bank in Russia who had credited its customer’s account explained it could not legally agree to reverse the transaction or refuse to allow its customer to withdraw the funds. In discussions with its customer, the bank learned that the customer had recently received a request from a federal government agency which the customer deals with regularly. The request asked for an update of financial information about the customer’s bank and banking account number. It also requested that the information be faxed back. Further investigation revealed that the request for the information was phony and the fax number that the information was faxed back to was now disconnected. The crook had used the information which the customer had faxed to create the fake wire transfer request. A bank should always caution its customers against giving information about their account to anyone over the phone or by fax