Blog
← Back to Blog
November 10, 2023 financial

Wire Fraud Is Up 300% Since COVID. Financial Practices Are Ground Zero.

Wire fraud surge targeting financial practices

The FBI's latest Internet Crime Report shows business email compromise (BEC) losses of $2.7 billion in 2022, up from $1.8 billion in 2020. Wire fraud targeting financial practices, accounting firms, and businesses with financial authority has tripled since the pandemic. And AI is making it worse.

Why Financial Practices Are Ground Zero

Financial practices are uniquely vulnerable because:

  • They routinely process wire transfers and ACH payments
  • Staff are authorized to move money
  • Client communication about financial changes (new bank accounts, routing numbers) is normal
  • Tax season creates urgency that attackers exploit
  • Trust relationships with clients make verification feel awkward

How AI Is Changing Wire Fraud

AI Voice Cloning

Attackers can now clone a person's voice from a few minutes of audio (easily obtained from voicemail greetings, social media videos, or webinar recordings). An AI-generated call from what sounds exactly like a client or partner requesting a wire transfer is nearly impossible to distinguish from a real call.

AI Email Generation

AI generates perfect business correspondence matching the writing style of the impersonated person. No more typos or awkward phrasing to trigger suspicion.

Deepfake Video

Early cases of deepfake video calls have been reported, where attackers impersonate executives on video conferencing to authorize financial transactions.

Defense Protocols

For Every Financial Transaction

  1. Dual authorization. No single person can authorize a wire transfer above a defined threshold.
  2. Out-of-band verification. Verify every wire request through a different communication channel than the one used to make the request. Email request? Verify by phone. Phone request? Verify by email or in person.
  3. Established verification codes. Pre-arrange verification codes or challenge questions with clients for financial transactions. "What's the code word?" defeats AI voice cloning.
  4. Mandatory waiting period. Implement a 24-hour hold on all new wire instructions. Rush requests are the hallmark of fraud.

For Your Practice

  • Secure email with MFA and advanced threat protection
  • Train every staff member who handles financial transactions on current BEC tactics
  • Review cyber insurance coverage for wire fraud losses
  • Implement email authentication (DMARC) to prevent domain spoofing
  • Conduct regular BEC simulations to test staff response

Wire fraud is a $2.7 billion problem and growing. Every financial practice needs procedures that assume the next wire request might be fraudulent. Verification isn't rude. It's professional.