flags that signal a potential phishing attempt go    and windows, a security camera, and not much else
             unnoticed.                                           while they figured out whether and where to move
                                                                  their product. In the meantime, these properties
             So, when a scammer posing as a vendor emails new bank
             account information and asks that all future payments  became low-hanging fruit for opportunistic thieves.
             be routed there instead, the recipient is more likely to  Burglary of vacant commercial properties has risen
             miss the discrepancies in the sender's email address,  mostly in metropolitan areas. Both San Francisco and
             format and style, and less likely to verify its legitimacy.  New York City reported a 42% increase in burglaries
                                                                  between January and June of 2020 compared to the
             Unfortunately, the mistake is typically not discovered until
             the true vendor reaches out to ask why it hasn't been paid.  same period in 2019. Philadelphia reported a 134%
                                                                  increase over the same period. In Seattle, some
          2. Unauthorized transfers and route changes             commercial districts saw 30% to 40% more burglaries
             perpetrated via computer fraud                       in March and April compared to last year.
             Internet-savvy thieves have also taken advantage of  Because lockdown mandates were passed so quickly, most
             relaxed risk management practices to find openings for  business owners didn't have a chance to arrange stronger
             infiltration. By hacking into a company's internal   protection for their location, whether that meant installing
             networks, perpetrators can initiate fraudulent transfers  an alarm system or contracting a security service. And
             themselves without having to fool an employee with a  because no one was certain how long the stay-at-home
             convincing email, or redirect entire shipments of goods  orders would last, many also wondered whether such
             directly into their waiting hands.                   measures would be worth the cost.
             The Austin Business Journal reported that some hackers
             have used stolen consumer information to break into online How to reduce your risk
             shoppers' accounts and reroute grocery delivers to their  While theft might be growing more prevalent during the
             own homes. Retailers and distributors are susceptible to  pandemic, it is not a new risk. Minimizing your exposure is
             the same type of theft, but on a larger scale.   all about going back to basics.
             With the holiday season approaching, expect this type
             of theft to become more prominent as more goods  Reiterate internal fraud prevention
             make their way around the country. With a larger  controls
             number of deliveries in progress, hackers may have an
             easier time rerouting shipment without detection.  Any employee receiving wire transfer or change of account
                                                              information requests via email should call back the sender
             This exposure has also been exacerbated by the rapid  directly to verify the request -- using the contact information
             shift to remote work. Companies lacking secure   on file, not what's provided in the email.
             platforms and VPN networks make easy targets for
             hackers, especially if workers are relying on their  It's a quick and easy way to weed out fraud that could stop
             personal devices and home wi-fi networks.        social engineering in its tracks if every employee stuck to
             Some scammers have even tapped into the fear and  protocol. In the midst of these stressful times, though,
             anxiety associated with this unanticipated move by  employers may need to send additional reminders and
             posing as expert cyber security consultants, pitching  continually reinforce the importance of this practice to
             software that secures work-from-home environments…  combat the effects of fatigue.
             but is of course embedded with bugs and backdoors.
                                                              Strengthen cyber security defenses to
             Once a cyber thief gains access to internal systems, he
             or she can quickly learn company processes and   keep hackers out.
             protocols well enough to manipulate them or imitate  Use company VPN or VOIP systems rather than home
             them, perpetuating fraudulent payments or shipping  wireless networks and cloud-based communication
             instructions without setting off alarms.         platforms, which may not be private or secure. Require two-
                                                              factor authentication to log in to any company system. Run
          3. Break-ins and burglaries of vacant properties    software updates as scheduled to ensure security bugs get
             When brick-and-mortar stores initially shut down in  patched. Continually remind employees not to seek their
             March and April, most business owners were forced to  own workarounds to IT issues by downloading unapproved
             leave their inventory on site, protected by locked doors  software or platforms.

                                                                        The Insurance Times, January 2021 31