While payment fraud attempts have decreased slightly as the turmoil of recent years decreases, payment fraud attacks still affect nearly 3 in 4 businesses each year.
Payment fraud attempts affect businesses of all sizes, and cybercriminals target every payment type, from credit cards to ACH transfers. Impacted companies may experience financial and nonfinancial consequences from these attacks, including cost and reputation damage. You can take steps to protect your business by implementing a few appropriate controls.
If you have experienced a fraud attempt, there’s a good chance that criminals may target your business again through other methods. Almost half of companies in a recent survey had experienced at least one fraud — with the average being six per company. To defend yourself, it makes sense to address your fraud strategy sooner than later.
Understanding the answers to these questions may help as you assess your current fraud-prevention systems or seek new options:
Why has payment fraud increased?
Even as organizations and governments invest millions in prevention and training, payment fraud continues. Sophisticated cybercriminals use evolving technology to target businesses and individuals in new ways. In addition, as more companies implement online payment and money management options, scammers have more opportunities to attack.
Which payment methods are most vulnerable to fraud attempts?
Cybercriminals most often target checks and wire transfers. However, ACH payment fraud has recently increased as scammers’ tactics adapt. In an ACH attack, criminals generally look for weaknesses in the process leading up to the payment rather than targeting the payment itself. Fraudsters use phishing scams and business email compromise (BEC) in these cases.
Which organizations face the most payment fraud risk?
Unfortunately, criminals use an equal opportunity approach to fraud, targeting small and large organizations alike. In addition, the risk applies to all departments of your business and is not necessarily localized in the finance division. Your human resources department processes payroll and direct deposits, offering an attractive target. In addition, the FBI recently reported an increase in fake job listings by scammers attempting to steal job applicants’ personal information .
How can you protect your business from payment fraud?
Cybersecurity solutions vary according to business size and industry, but these general internal guidelines can help protect all organizations. You may wish to:
• Stay alert for fraudulent activity, and create systems to double-check records as often as possible.
• Prevent internal fraud by assigning financial and accounting duties to different people.
• Secure your business checks and limit internal access to them.
• Inventory your checks regularly.
• Pay vendors using ACH credits, not ACH debits.
• Follow a clear, standardized banking and approval process.
• Review financial statements immediately and check them against your internal records.
• Protect accounts payable by implementing a process to verify new suppliers.
• To avoid business email compromise (BEC) and email-related fraud attempts, conduct online banking using a single, dedicated, bank-verified computer.
Cybercriminals continue to adapt their methods and look for new ways to access sensitive data. To learn more about how our team of expert bankers can help you protect your business from payment fraud, contact your Western Alliance Bank relationship manager or find out more about what our bank can offer businesses like yours.