From f2ae2709db80bc0e6a1479f57467841af8377794 Mon Sep 17 00:00:00 2001 From: "Jimmy Chen [SSW]" <112846253+JimmyChenSSW@users.noreply.github.com> Date: Thu, 6 Feb 2025 17:09:35 +1100 Subject: [PATCH] New Rule - Phishing for Payments (#9860) * Update rules-to-better-accounting.md * Create rule.md --- .../rules-to-better-accounting.md | 1 + rules/phishing-for-payments/rule.md | 65 +++++++++++++++++++ 2 files changed, 66 insertions(+) create mode 100644 rules/phishing-for-payments/rule.md diff --git a/categories/company-operations/rules-to-better-accounting.md b/categories/company-operations/rules-to-better-accounting.md index 4a28467f9df..3be540da294 100644 --- a/categories/company-operations/rules-to-better-accounting.md +++ b/categories/company-operations/rules-to-better-accounting.md @@ -5,6 +5,7 @@ guid: 31ac668b-6826-461f-ba34-964e46984c6d uri: rules-to-better-accounting index: - salary-sacrificing +- phishing-for-payments - do-you-tie-knowledge-to-the-role - monthly-financial-meetings - compliance-sheet diff --git a/rules/phishing-for-payments/rule.md b/rules/phishing-for-payments/rule.md new file mode 100644 index 00000000000..194f6f1e0cb --- /dev/null +++ b/rules/phishing-for-payments/rule.md 
@@ -0,0 +1,65 @@ +--- +seoDescription: Phishing for Payments. +type: rule +title: Do you know how to prevent phishing for payments? +uri: phishing for payments +authors: + - title: Jimmy Chen + url: https://ssw.com.au/people/jimmy-chen +related: + - recognizing-phishing-urls + - using-mfa +redirects: + - do-you-know-how-to-prevent-phishing-for-payments +created: 2025-02-06T01:27:10.000Z +archivedreason: null +guid: c72fa325-be7f-4490-afee-8374cf9ecc92 +--- + +According to the Association of Certified Fraud Examiners' 2024 report, organizations lose an estimated 5% of their revenue to fraud each year. + +In Australia, cybercriminals are increasingly targeting businesses, leading to global losses of up to $2.9 billion annually. + +Accountants and accounts payable professionals are prime phishing targets due to their access to financial transactions, and some may lack cybersecurity awareness. +Scammers exploit this through fake invoices, compromised emails, and fraudulent bank detail changes + + + +It always requires extra care and diligence on money, accountants can follow the suggestions below to mitigate these risks. + +1. Recognizing Phishing URLs + +Phishing emails often contain malicious links that can lead to fraudulent websites. + +See SSW Rule - [Do you know how to recognize phishing URLs?](https://www.ssw.com.au/rules/recognizing-phishing-urls) + +2. Preventing Email Compromise & Fraudulent Payments + +Attackers often hack business emails to send fake payment requests or change bank details. + +• **Enable MFA** - Be careful to manage your passwords and always use Multi-factor authentication + +See SSW Rule - [Do you use MFA and avoid typing passwords?](https://www.ssw.com.au/rules/using-mfa/) + +• **Use security tools** - Use email security tools (e.g., Microsoft Defender). + +• **Verify changes by phone** - Always call a known contact using a verified number before processing any changes. Never trust phone numbers from emails requesting updates. 
+ +• **Monitor email forwarding rules** - Hackers may set up auto-forwarding to steal sensitive information. Regularly review and disable unauthorized forwarding. + +3. Adding an Invoice Disclaimer to Prevent Fraud + +Including a disclaimer on invoices can help prevent phishing attacks that aim to alter billing details. + +• Authorized domain only - Clearly state that all official communication, including billing and invoices, will only come from a specific domain (e.g., @company.com). + +• Changes only come from verified channels - Any changes in payment details will only be communicated through verified channels, such as a notification with the company seal or a direct phone call from an authorized representative + +::: greybox +**Example:** + +To ensure the security of your payments, please be aware that SSW will never request changes to our bank details via email. All official communications regarding billing details will only come from emails originating from our authorized domain: @ssw.com.au. + +::: + +**✅ Good Example**
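Review bot: the front matter `uri: phishing for payments` contains spaces, while the new file path `rules/phishing-for-payments/rule.md`, the index entry `- phishing-for-payments` added in the first hunk and the redirect `do-you-know-how-to-prevent-phishing-for-payments` all use hyphens; change it to `uri: phishing-for-payments` so the rule resolves at the same slug the category index points to. Two smaller points in the same hunk: the sentence "In Australia, cybercriminals are increasingly targeting businesses, leading to global losses of up to $2.9 billion annually" mixes an Australian scope with a global figure, so state which one the $2.9 billion refers to and cite the source as the ACFE figure above is; and "Scammers exploit this through fake invoices, compromised emails, and fraudulent bank detail changes" and "a direct phone call from an authorized representative" are missing their full stops, while "It always requires extra care and diligence on money, accountants can follow the suggestions below" is a comma splice that reads better as "Handling money always requires extra care and diligence; accountants can follow the suggestions below". The "•" characters used for the bullets are literal symbols rather than markdown list markers; using `- ` as the index file in the first hunk does would render them as a proper list.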