In recent weeks, we’ve noticed a cyber-security breach that could potentially impact our customers who issue wires from their bank accounts.

The breach arises when the email account of the intended recipient of a wire is hacked. When that hack occurs, the hacker monitors the email communications, and changes the wire instructions sent to the party that originates the wire. When this occurs, the wire is redirected to an account other than the account the original recipient intended.

Once the wire is sent to the redirected bank account, it is virtually impossible to recall it, as it is generally sent to multiple accounts in a subsequent wire transfer chain. The net effect is that the party who sent the wire, not the intended recipient, will have lost the money. While liability may ultimately rest with the party whose email was hacked, it could take an extended period of time to figure out the rights of the various parties.

The best way to prevent this from happening is for the sender of the wire to confirm the wire instructions that are received from the intended recipient. You should do this by verbally reviewing the instructions by telephone. Do not confirm the wire ​instructions by email: if an email account has been hacked, the hacker will be monitoring the correspondence and will  re-confirm the original altered instructions.

Although this precautionary measure requires an additional step, it is the best way to prevent the wire going to the hacker.

As always, your Orange Bank & Trust team is ready to assist you. So, if you have any questions or concerns about this – or any banking matter – please do not hesitate to contact us.