As remote work has taken hold, conducting business electronically has become the norm—and scammers have taken notice. Fraud in business banking has become even more sophisticated, making it extremely difficult to spot. It’s no longer as simple as looking for a misspelling or a typo in a subject line, as methods are continually changing to make fraud look legitimate.

As methods of financial fraud continue to evolve, we maintain our belief that the best way to protect yourself is to have a strong relationship with your banker and work as a team. Based in Phoenix, Phil Neidhart, senior vice president of treasury management, advises clients on ways to strategically administer their cash flow options and large financial decisions, including understanding and actively managing potential fraud risks.

Here he shares some common fraud scams, tips for protection, and ways to minimize and manage fraud attempts.

What’s new in business fraud?

The changes we are seeing include high-level schemes involving social engineering and business email compromise (BEC). These scams can be so elaborate and seemingly legitimate – sometimes spanning days, weeks or months — that you wouldn’t think twice before responding to a scammer with sensitive information.

From a digital perspective, fraudsters can learn your company’s frequent behaviors and hack emails to make their approach more realistic and credible in appearance. For example, you could receive a reply email from a known vendor stating they have been compromised and need you to send a payment in a new way. These pervasive phishing attacks have resulted in losses of $2.9 billion in 2023 alone.

Though it’s an older form of fraud, we still frequently remind clients about check fraud. Because many businesses shifted their focus to digital fraud, we’ve seen an increase in check fraud. Believe it or not, check fraud is still the number one type of fraud we see today.

How can I protect myself and my business?

First, and most importantly, you need to have genuine relationships with your vendors—especially with your bankers. Fraud is about creating belief in scams, but if you have a regular relationship with the people with whom you do business, it’s significantly harder for fraud attempts to look credible.

Your banker should be continuously working to understand your business, how you operate, how you pay vendors, and potential risk points, so any inconsistencies can be spotted immediately. There are instances where we contact customers to ask, “Did you mean to send that payment, because it looks strange based on your past activities.”

They should also regularly share best practices from a process standpoint. This includes technology solutions that can help identify fraud attempts, such as Positive Pay, payee validation, and e-payables solutions—all of which are aimed to combat common fraud scams.

What are the best ways to avoid business fraud?

Here are a few things you can start doing now to help prevent business fraud.

  • Call before you click. If you have an unusual link in your email asking for payment, pause for a moment and pick up the phone to call your vendor using the phone number you have on record, not one which may be contained within an email.
  • Don’t send money to anyone you don’t already know. Remember, emails may look like they’re from your vendor or trusted partner, but if they are asking you to take a new step or do something different, it’s always best to verify the request over the phone or in person.
  • Know your vendors and your bankers. Touch base regularly to know when something is changing or needs updating. You should never hear about a change for the first time in an email.
  • Don’t give your information via email. If anyone—even someone you trust—is asking for confidential information, it is always best practice to verify that request another way.
  • Just because you don’t use an account often doesn’t mean you don’t need protection. Sometimes people think accounts that aren’t a business’ main cash flow account aren’t at-risk, but that is not always the case. You should actually pay extra attention to these accounts, as the ones not used daily may be more susceptible to fraud because it typically goes unnoticed for longer.

First thing’s first

Try not to be overwhelmed. There are many practices you can start today to protect your business.

  • Review your accounts. Look at all your accounts, and review your activity, including regular payments and accompanying details. Become familiar with the activity and expectations of each account. Set time each day to review all accounts to check on activity and money movements.
  • Make sure all your accounts are protected with appropriate forms of fraud protection.
  • Talk to your banker and Treasury Management officer. Catch up with your relationship team to discuss your accounts and structure. They will help guide based on your specific needs.
  • Ask your banker what could be better. Start by asking, “Is there anything else I should be doing?” You may be surprised by what your bankers have caught or may suggest based on your business type and situations they have helped manage with other clients. Review all forms of payment methods, including E-payables, which provides many benefits, and most importantly, a reduction in fraud exposure.
  • Implement tools. Heed advice from your banker and consider implementing tools to help protect yourself and your business. The bottom line: if you haven’t made changes to your payables plan in a while, or if you haven’t touched base with your banker, or Treasury Management officer recently on where you may have weaknesses, it’s time.

Don’t wait to become a case of “I can’t believe it happened to me” before you take preventative action.

To hear more from Phil on the latest with fraud protection for personal and business banking, listen to his recent interview on the AZBig Podcast‡.

Stay informed on industry trends and noteworthy company news by visiting our Industry News section on umb.com

When you click links marked with the “‡” symbol, you will leave UMB’s website and go to websites that are not controlled by or affiliated with UMB. We have provided these links for your convenience. However, we do not endorse or guarantee any products or services you may view on other sites. Other websites may not follow the same privacy policies and security procedures that UMB does, so please review their policies and procedures carefully.