OCTOBER IS CYBERSECURITY MONTH
Protect Yourself against Payment Fraud
As we look ahead to 2023, the need for caution around cybersecurity remains critical, with the business community as a key target. Over the last few years, the losses from wire transfer and ACH fraud have grown at an alarming rate. Cyber resilience is essential to fending off these dangers and protecting your business.
There are some key strategies to control, lessen, and even stop these attacks.
Be on Alert for Red Flags
- FAKE PAYMENT INSTRUCTIONS. Be wary of wire transfer and ACH payment instructions received via email, especially when they involve payments to new accounts. Fraudsters can easily forge emails and send fake instructions.
- UNUSUAL SENSE OF URGENCY. Fraudsters may specify that the funds need to be sent as soon as possible. Also, they may set email as the only method of contacting the client, rejecting all other channels.
- EMAIL SPOOFING. Fraudsters try to earn trust of their victims by sending emails with a falsified “from” address. Their goal is to lure recipients into opening and responding to unwanted messages.
- EMAIL PHISHING. Watch for unsolicited emails or websites appearing to be from legitimate individuals, reputable businesses or government agencies. They attempt to obtain the victim’s personal or private financial information, including credit card, bank account or login credentials.
- CORPORATE ACCOUNT TAKEOVER (CATO). Fraudsters gain control of systems by stealing sensitive employee credentials. This allows them to initiate fraudulent wire transfers and ACH transactions.
- Always double check by calling the vendor or business partner directly to verbally confirm the payment information. Use only confirmed phone numbers, not ones provided in an email or text message.
- Never initiate any wire transfer or ACH payment based only on an email or text.
- Always reconcile payments legitimate invoices before paying. Criminals are known to impersonate trusted vendors to request fraudulent payments.
- Know Your Customers (KYC): watch for changes in routines and habits, including the reason, details and payment amounts.
- Limit the number of devices used for various business functions. Consider conducting online banking on dedicated devices segregated from other business functions.
- Always monitor your bank statements and wires, ACH and other financial transactions to check for potential fraud.
- Keep your computer’s software up to date and CHANGE your passwords regularly, or at least every 30 to 60 days.
- Set up fraud alerts and notifications through your online banking platform.
- Consider cybersecurity insurance coverage.
- Educate employees to be wary of clicking on unsolicited emails and websites.
Cyber resilience is essential to fending off these dangers and protecting your office from attacks. If you suspect you are a victim of fraud, contact your financial institution immediately.