Most companies are a target for fraud and knowing how to protect a business against fraud threats is critical in the digital landscape we are living in today. Use these five tips to help ensure your business is protected from potential fraud and cyberattacks.
There are many types of business fraud to consider, but four types have grown to become the highest threat to businesses.
- Asset misappropriation. As the most common type of fraud, asset misappropriation is when an employee steals cash or other assets through fraudulent means.
- Business email compromise (BEC). BEC is a scam designed to access company information through phishing, social engineering, email, social media account spoofing and malware and can involve vendors, billing systems and online message traffic.
- Social engineering. Fraudsters use deception, manipulation and trickery to influence a target to go outside of standard security protocols to divulge information for nefarious purposes. For example, fraudsters can ask a user to give up a login and password, change banking information or send a confidential business file because it was recently “lost” by accident.
- Insider fraud. Insider fraud is when a person accesses your valuable digital resources.
The impacts of fraud can be damaging and include massive financial and reputational losses. Most organizations acknowledge the nature and severity of the threat of fraud. In many instances, despite recognizing those risks, new technology causes institutional blind spots, while fraudsters use more sophisticated methods to attack weaknesses. Understanding the types of fraud and recognizing flaws in the process where a business can be vulnerable is critical.
Companies’ clients and vendor payment systems are being compromised more often and sending fraudulent bills. This means that companies think they owe money or are behind on payments when that’s not necessarily the case. The real trouble is that when companies receive these fraudulent bills or post-due payment notices, they often don’t double-check to confirm the validity and end up paying them. However, once the payment is made, it’s challenging to recover it.
The most important thing a business owner can do to combat these cyber scams is to be vigilant. When receiving a payment request, don’t just pay it right away. Double-check all requests received and confirm that the documents are accurate. If there is any sense of fraud, pick up the phone and call your financial partners or vendors to validate the request. If something doesn’t feel right, it probably isn’t. Change your passwords frequently and make them difficult to guess and remember that being asked to confirm personal or financial information via email is not considered a standard practice.
As fraud schemes become more sophisticated, financial organizations can’t solely rely on having a sharp eye. Well-established workflows and systems must be in place ahead of time. In 2020, 74% of organizations were targets of payment scams, according to the 2021 AFP Payments Fraud and Control Survey.
Phishing, the act of sending an online message pretending to be someone else, often includes a request for the recipient to take some detrimental action, like downloading an attachment or clicking a link that can provide the attacker with sensitive data. This data can give the fraudster login credentials and any online privileges the victim holds. Having a system that filters those types of emails into spam is critical to avoid falling victim to phishing attempts.
BEC scams are also tricky to identify because the fraudster finds a way to impersonate a trusted decision-maker. One typical example is perpetrators impersonating a company executive and sending an email “as” that executive requesting completion of a wire transfer. In this example, if an organization does not have an established workflow for handling these types of requests in place, a fraudulent wire transfer could be completed by an unknowing employee.
In the aftermath of the pandemic, companies have shut down or limited access to offices, encouraged or mandated work from home policies and canceled work events and gatherings. Balancing the necessity of distancing employees with continuing vital business in a struggling economy is top of mind everywhere. Even the best business continuity plans didn’t contemplate current circumstances. Unfortunately, one activity that impacts many businesses but is unlikely to slow during the pandemic is fraud attempts. Companies are still the targets of payments fraud, with fraudsters utilizing BEC to alter checks, wire transfers, corporate credit cards and employee theft.
Preventing BEC takes a plan, safeguard tools and education for all. This means ensuring employees have the proper training for fraud detection, which usually requires having regular education sessions with your team. Focus on creating an atmosphere where employees feel open to sharing any unusual behavior. Helping employees feel empowered and educated is key to stopping BEC in its tracks.
From altered checks to wire transfers and corporate credit cards to employee theft, payment frauds come in all forms. Unfortunately, many businesses are more aware of the different types of fraud than ever before and many are putting measures in place to combat the growing issue. This includes educating themselves and their staff on proactive steps they can take to minimize risk.
Checks and wire transfers continued to be the payment methods most impacted by fraud activity. If businesses are still using checks regularly, there are several reasons to shift to electronic methods. In addition to fraud mitigation, commercial cards can also help businesses to:
- Increase cash flow
- Pay bills faster
- Retain cash and float payments for longer periods
- Participate in reward programs and receive cashback and rebates
- Lower administrative costs by streamlining payments and reconciling employee purchases automatically
From a safety perspective, built-in protections such as Europay, MasterCard, and Visa, chips and payment controls allow administrators to closely monitor and regulate card spending, which creates a fraud risk management infrastructure that is significantly stronger than that of check security systems.
While preventative measures can help protect against fraud, it will always exist in one form or another. What you can do is educate employees to make sure they are using the most up-to-date technology and work with your financial partner to ensure the best practices and protective measures are in place. When it comes to business fraud, the old saying remains true, “an ounce of prevention is worth a pound of cure.”
If you are interested in learning more about how UMB can help your business as a financial partner, visit our website.
When you click links marked with the “‡” symbol, you will leave UMB’s website and go to websites that are not controlled by or affiliated with UMB. We have provided these links for your convenience. However, we do not endorse or guarantee any products or services you may view on other sites. Other websites may not follow the same privacy policies and security procedures that UMB does, so please review their policies and procedures carefully.