Payments fraud is not only alive, but thriving, now slipping its tentacles into 82 percent of companies surveyed for the 2019 AFP Payments Fraud and Control Survey. To put this in perspective, this same survey found 60 percent of companies reporting incidents of payments fraud just five years ago.
These rising numbers naturally beg the question: how are scammers gaining access to the inner sanctums of America’s businesses? While 75 percent of organizations reported check fraud, one increasingly popular way is through a relatively new phishing scheme, business email compromise (BEC). Infiltrating a record 80 percent of surveyed companies in 2018, up from 64 percent in 2014, this insidious break-in tactic relies heavily on social engineering to trick unsuspecting employees.
BEC scammers first do their homework, learning all they can about their corporate target, typically the CEO, CFO, or any executive authorized to approve the release of confidential data or corporate funds. Then they impersonate that unsuspecting “author” by crafting an email instructing that data or funds (typically in the form of check or wire transfer) be sent to a third party (the scammer). The majority of corporate BEC victims, 54 percent, reported financial loss due to this highly sophisticated — and continually “morphing” — mode of trickery.
What – or who — is to blame for the success of scams like BEC?
It’s become an almost knee-jerk reaction to blame IT when our business communication systems are compromised. But, according to the Ponemon Institute’s 2019 Cost of a Data Breach Report, one quarter of all corporate data breaches are caused by human error.
Today’s payments fraud trends serve as a warning call for companies to take preventative measures, ranging from employee education to implementing products and procedures that better protect what is typically the weakest link in the chain – the human link.
4 steps you can take
- Keep employees current on fraud trends as they evolve, including how to spot a fraudulent attempt. With the right training and education, they can be your best asset in terms of preventing and detecting fraud.
- Train relevant employees to confirm requests for transfer of data or funds by using phone verification as part of two-factor authentication.
- Set a standard for reconciling accounts daily and ensure that authorized signers are not the same people doing the reconciliation.
- Subscribe to fraud prevention tools to help protect against unauthorized payments; some of the most essential include Positive Pay, ACH Debit Blocks, ACH Filter, Universal Payment Identification Code (UPIC) and Dual Control Security, among others.
Although fraud continues to be a major concern for businesses, the banking industry has taken proactive steps over recent years to help mitigate it. Union Bank, for example, has invested in the technology, tools and expertise to better support early detection and prevention and safeguard our clients’ businesses from loss due to fraud. Only with an aggressive two-line defense – your efforts combined with ours — can payment fraud be reduced, if not prevented.
As the Commercial Banking Regional Manager for Orange County, Paul O’Mara and his team are responsible for delivering products and solutions for middle market and business banking clients within the footprint. Mr. O’Mara has more than 35 years of middle market commercial lending experience, with nearly 12 years spent covering the Orange County region. Contact Paul at 949-553-7102 or email paul.omara@unionbank.com
To learn more about Union Bank Commercial Banking services visit our website
©2020 MUFG Union Bank, N.A. All rights reserved. Member FDIC.
Union Bank is a registered trademark and brand name of MUFG Union Bank, N.A. unionbank.com
