Practice Management Member Conversations

Community HTML

Clouds

Quick Links

Who we are

The Practice Management Knowledge Community (PMKC) identifies and develops information on the business of architecture for use by the profession to maintain and improve the quality of the professional and business environment.  The PMKC initiates programs, provides content and serves as a resource to other knowledge communities, and acts as experts on AIA Institute programs and policies that pertain to a wide variety of business practices and trends.

Expand all | Collapse all

"Man in the Middle" Cyber attacks

  • 1.  "Man in the Middle" Cyber attacks

    Posted 16 days ago

    Recently we learned of "man in the middle" cyber attacks. Email addresses of clients and firm staff are overtaken by a "man in the middle" scheme posing as you and your client. According to Microsoft some nefarious entities monitor email messages related to accounts payable and posts emails that appear to be from each party but are not. This middle man convinces the client that your firm no longer accepts payment by check given potential mail delays/fraud and provides an electronic funds transfer account number. The unsuspecting client transfers the funds to the middle man and the payment evaporates.

    To prevent this cyber attack we are advising every client via USPS that we do not accept payment by electronic fund transfers and to contact us immediately by phone should they receive any correspondence that requires ETF payments. In addition Microsoft has required that users of Office 365 engage dual authentication for all Microsoft programs on all platforms.

    Ronald Battaglia, FAIA

     

    Sent from Mail for Windows 10

     

    ICYMI: Shifting perceptions of workplace relationships | Watch the recorded webinar


  • 2.  RE: "Man in the Middle" Cyber attacks

    Posted 12 days ago
    We are also aware of the potential EFT fraud and only send them in special circumstances (advance deposits or non-US vendors) after their information has been verified. Another form of fraud is a supposed email from an existing client changing their banking information. Any changes we receive, either by email or mail, are verified by phone. We pay almost exclusively by check to try and prevent any of this.

    ------------------------------
    Frank Sica AIA
    Senior Vice President
    Cannon Design
    Buffalo NY
    ------------------------------

    ICYMI: Shifting perceptions of workplace relationships | Watch the recorded webinar