not featured
2024-08-29
Business
published
Patsy Templeton, Senior Vice President, Craft Bank
Each year, the Association of Financial Professionals (AFP) publishes its annual payment fraud study. Even given the controls and processes businesses put in place, fraudsters continue to advance their scams by devising different methods to trick employees at businesses and their consumers.
Some key findings from this report include:
- 80% of organizations reported having been targets of payments fraud activity in 2023, an increase from 65% in 2022.
- Checks continue to be the payment method most susceptible to fraud, as reported by 65% of respondents.
- 70% of organizations using checks have no immediate plans to discontinue their use.
- For the first time since AFP began conducting the payments fraud survey, ACH credits have surpassed wires as the most vulnerable payment type for BEC fraud.
- 63% of organizations experienced some form of BEC in 2023.
You have heard about consumer scams online or on the news, you’ve read a story about an elderly person whose retirement funds were drained by a pretend tech support representative, or you’ve seen something on the news about thieves stealing checks out of mailboxes. These types of scams continue to be a threat to individuals and businesses. What you may not realize is that many businesses find themselves to be the victim of this fraud.
In many cases, businesses don’t recognize the signs of fraud and don’t know what’s happening until it’s too late. That's why being vigilant and ready to outsmart those fraudsters is more important than ever.
What types of fraud should your business be on the lookout for?
PHISHING ATTACKS
Phishing attacks use fraudulent emails, text messages, phone calls, or websites to trick people into sharing sensitive data, downloading malware, or otherwise
exposing themselves to cybercrime. In a typical phishing attempt, a fraudster pretends to be someone you trust, like a colleague, boss, known vendor, authority figure, or representative of a well-known brand. The hacker sends a message directing the victim to pay an invoice, open an attachment, click a link, or take some other action.
BUSINESS EMAIL COMPROMISE
Business email compromise (BEC) scams occur when a fraudster impersonates a
company executive or trusted vendor to manipulate employees into transferring funds or sensitive information under false pretenses. BEC scammers use various tactics like social engineering, email spoofing, and gathering information about organizations to exploit weaknesses.
company executive or trusted vendor to manipulate employees into transferring funds or sensitive information under false pretenses. BEC scammers use various tactics like social engineering, email spoofing, and gathering information about organizations to exploit weaknesses.
TIPS FOR FRAUD PREVENTION AND DETECTION
- Never rely solely on an email for requesting or authorizing a payment.
- Implement check and balance process for employees with access to create and approve payment transactions.
- Educate employees on threats posed by phishing attempts and how to identify them.
- Reconcile transactions daily and quickly request a return of any unauthorized debits.
- If you notice fraudulent activity, it’s important to act quickly and contact your treasury sales and support team.
- Implement policies for providing appropriate verification of any changes to existing invoices, bank deposit information, and contact information.
These controls can significantly reduce the risk of fraud within your company. By adopting and following these practices, you can strengthen your internal controls and protect your assets from fraudulent activities.