The instruction was unusual, but it was not questioned: the chief accountant of a company received several emails from a private email address in the home office. The sender was supposed to be his boss. At least his name was on the sender line. In the letter, the alleged managing director asked him to transfer around 350,000 euros to an account in Hungary. The boss needed the money for an alleged purchase of securities. The transfer must therefore be treated with complete discretion. The accountant did as she ordered him. She organized the transfer. A little later it turned out that the woman had been scammed.
Fraud expert Rüdiger Kirsch warns that such cases of fraud are encouraged by working from home. He presented the case at a meeting of the German Insurance Association (GDV). The manager works full time for the credit insurer Euler Hermes and also chairs the GDV loyalty insurance working group.
Kirsch drew attention to two problems in the home office. “Unfortunately, there is some wild growth thanks to flexibly managed data protection rules, whereby such instructions take place via private emails,” he said. “The second point is that the two CEOs could have been reached by phone.” However, the accountant did not have the private phone numbers, which is why she could no longer call the bosses back.
Often there is also a lack of risk awareness in mid-sized companies
Kirsch sees another problem in the home office in the fact that employees’ inhibitions against fraud may be lower if they do not feel like they are being watched. However, the manager does not want to demonize working from home. But it’s important to him: “All safety rules and requirements should also apply without restriction to the home office.
According to a GDV survey, many mid-sized companies still lack sufficient risk awareness. Only eight percent of policymakers believe the pandemic has created new cyber threats. “Conversely, this means that more than 90% think nothing has changed,” said Ole Sieverding, cyber expert at specialist insurer Hiscox. “From our point of view, this is wrong perception and wrong knowledge.