WEBVTT 00:00:00.001 --> 00:00:02.848 We live in the continuing information age, 00:00:02.859 --> 00:00:05.255 in fact, ah, wait a minute. 00:00:05.332 --> 00:00:06.770 That's way too formal, 00:00:06.795 --> 00:00:09.228 look, there's all kinds of information 00:00:09.239 --> 00:00:11.818 available to fraudsters like me on the web. 00:00:11.882 --> 00:00:14.291 And I'm not even talking about the dark web, 00:00:14.343 --> 00:00:19.200 I'm talking about let's just fire up one of our favorite search engines, 00:00:19.211 --> 00:00:20.962 type in a company name, 00:00:20.973 --> 00:00:22.525 we're off to the races. 00:00:22.597 --> 00:00:27.048 With publicly available information, we have enough to pull some strings 00:00:27.059 --> 00:00:30.357 along with some major dollars into our hands, 00:00:30.512 --> 00:00:33.560 we just have to drop a few names. 00:00:39.787 --> 00:00:42.158 Mr. Ryan, who did you say you're with? 00:00:42.295 --> 00:00:44.674 I'm an accounting rep with Premier Services. 00:00:44.711 --> 00:00:48.393 We manage your suppliers and procurement there at Right Time International. 00:00:48.777 --> 00:00:50.190 Oh yes. How are you? 00:00:50.318 --> 00:00:51.706 Fine, Elizabeth. Fine. 00:00:51.809 --> 00:00:55.627 Say, I wanted to let you know we've changed our banking arrangements. 00:00:55.699 --> 00:00:56.284 Oh? 00:00:56.371 --> 00:00:57.085 Yes. 00:00:57.209 --> 00:00:59.428 Our management must have decided we'll get a better deal 00:00:59.456 --> 00:01:01.960 if we switch to a new bank, so... 00:01:01.970 --> 00:01:03.023 here we go! 00:01:03.140 --> 00:01:04.772 I know how that goes. 00:01:04.830 --> 00:01:05.523 You bet... 00:01:05.585 --> 00:01:09.187 So... we need to change our retainer arrangement with your company 00:01:09.198 --> 00:01:12.377 and have your payments to us go to our new bank account. 00:01:12.495 --> 00:01:15.018 I can give you that information now if you have a moment. 00:01:15.137 --> 00:01:17.393 Okay. You've got the right person. 00:01:17.605 --> 00:01:22.008 But in order to protect both parties, we require a letter in writing 00:01:22.019 --> 00:01:25.382 on our company letterhead to request the change. 00:01:25.548 --> 00:01:28.241 Sure. Thanks for keeping this on the up and up! 00:01:28.495 --> 00:01:30.322 The thing is, 00:01:30.333 --> 00:01:32.729 we're really up against the wall on this one. 00:01:32.848 --> 00:01:36.119 This bank account change hit at a bad time for us. 00:01:36.175 --> 00:01:40.018 If I could email you the information from my company email address, 00:01:40.029 --> 00:01:41.213 could we do it that way? 00:01:41.316 --> 00:01:43.166 It would help us with our cash flow. 00:01:44.644 --> 00:01:47.901 That sounds fine to me. We can work with that. 00:01:48.598 --> 00:01:54.909 Amazing! Our side did a little bit of research, found the name of a vendor, 00:01:54.920 --> 00:01:57.074 posed as an accounting rep there. 00:01:57.210 --> 00:02:02.807 Called and gave just enough information to get the job done. 00:02:03.035 --> 00:02:07.713 All we had to do was send an email with the new account number. 00:02:07.957 --> 00:02:09.605 I hear you, I hear you, 00:02:09.616 --> 00:02:11.823 what about the email address, you're asking? 00:02:12.317 --> 00:02:17.058 This was ginormous and yet so simple. 00:02:17.474 --> 00:02:22.009 What we did was we posed as Premier Services, 00:02:22.155 --> 00:02:23.405 made the call, 00:02:23.416 --> 00:02:26.816 and when we were challenged with proving who we were, 00:02:26.827 --> 00:02:31.130 we asked for some latitude and offered proof by email. 00:02:31.499 --> 00:02:37.292 Then, when we sent the email, we just slightly changed the email address 00:02:37.303 --> 00:02:43.780 from PremierServices.com to PremierServicesLLC.com. 00:02:44.682 --> 00:02:50.311 Adding just three little letters to the email address from one of our guys 00:02:50.322 --> 00:02:54.405 let us add a whole lot of money to our bottom line. 00:02:54.571 --> 00:02:56.332 The real Premier Services? 00:02:56.376 --> 00:02:57.524 Well, 00:02:57.634 --> 00:02:59.520 let's just say they were a bit surprised 00:02:59.530 --> 00:03:02.924 when they didn't receive their normal payment on time, 00:03:02.935 --> 00:03:04.847 though they let Elizabeth know for sure. 00:03:04.991 --> 00:03:08.940 But by then, the money, and we, were gone! 00:03:09.496 --> 00:03:10.815 You know, 00:03:10.909 --> 00:03:13.268 I feel like I shouldn't be telling you this. 00:03:13.614 --> 00:03:14.722 Oh, well. 00:03:14.925 --> 00:03:17.159 You won't remember, will you? 00:03:17.528 --> 00:03:20.456 A big part of my job is customer service, 00:03:20.467 --> 00:03:22.081 that's what I was trying to do. 00:03:22.138 --> 00:03:25.222 To come through for a vendor who needed my help. 00:03:25.685 --> 00:03:29.579 I know our procedure and asked for a letterhead approval, 00:03:29.590 --> 00:03:31.590 but he was so convincing. 00:03:31.928 --> 00:03:35.409 I should have never accepted an email as a substitute. 00:03:35.559 --> 00:03:41.259 Next time, I'll follow up to confirm before I authorize any account change.