The email lands at 2:47 p.m. on a Thursday. It looks like it came from your accountant.
The message says the wire routing number has changed. New account details are provided. Everything looks normal. Your office manager approves the wire without a second look.
By the time anyone realizes something is wrong, $85,000 is gone.
This is wire fraud, and it’s not some elaborate heist. It’s an email that looked close enough to real that nobody questioned it.
The Setup is Always Simpler Than You’d Expect
Criminals don’t need to break into your network. They don’t need your passwords. They just need one convincing email and someone too busy to stop and think.
What Actually Stops It
The answer isn’t complex security. It’s a phone call. Wire fraud works because email is trusted.
What Your Business Should Do
First: establish a policy. Any wire instruction that comes via email needs voice verification before it goes out. The policy takes thirty seconds to explain and costs almost nothing to implement.
Second: communicate the policy to everyone who handles wire instructions.
Third: enforce the policy. The moment someone skips verification is the moment you lose money.
Fourth: look at your email authentication. Fraudsters often spoof addresses that look similar to real ones.
The Cost Calculation
Wire fraud costs companies millions every year. A single incident costs anywhere from $20,000 to over $500,000 in direct losses. A policy that requires phone verification costs nothing. It takes thirty seconds per wire.