False Impersonation: An Emerging and Evolving Risk
False impersonation, also called social engineering or spear phishing, involves a fraudster impersonating someone else for financial gain by using a fraudulent email, telephone call, text message, or fax telling a victim what to do.
We’ve all seen things like this with the IRS and FBI in the news. Banks and law enforcement agencies report that these incidents are increasing because they are easy to do successfully.
Example: An imposter pretends to be the superintendent or head of the school system. By email, this person provides enough meaningful information to convince an employee in the business office that a request to transfer money out of regular channels is legitimate. The employee makes the transfer willingly, without an outsider hacking into the system or learning bank passwords to steal the money.
Help Protect Your School
Schools may fall victim to this type of fraud if the appropriate controls are not in place.
Train all employees about fraudsters’ tactics and school policies. This should include acceptable and safe use of email and the internet, especially for those within the school business functions.
Talk to Your Insurance Agent and Your Financial Institution
Ask your agent about your coverage. Some insurance policies do not cover losses a school suffers if funds are transferred voluntarily under false pretenses. In addition, check with the financial institutions you do business with to learn what their policies and abilities are for recovering funds the school voluntarily transfers under false pretenses.