Protect Your Business From Fraud

In today's digital age, businesses of all sizes face a growing threat to their financial stability and reputation from fraud. Fraud affects everyone, from small family-owned businesses to large multinational corporations.

Despite increasing awareness, the FBI's 2023 Internet Crime Report showed a record number of complaints from the American public: 880,418 complaints, with potential losses exceeding $12.5 billion. Investment fraud saw the biggest increase in 2023, rising 38%, with losses of $4.57 billion. Scammers design investment fraud schemes to target people looking for high returns on their investments.

Awareness alone isn't enough to fight fraud effectively. Businesses need a proactive approach with ongoing vigilance and a comprehensive security strategy. Common fraud attempts include deceptive tactics like phishing (email scams), vishing (phone scams), smishing (text message scams), and pharming (redirecting website traffic). Fraudsters also use fake audio and video to trick people in remote work situations. Even Bluetooth connections in vehicles, earbuds, and wearable devices can be vulnerable.

"We're here to arm you and your business with the defenses you need to combat fraudsters' ever-evolving tactics. Together, we can protect your business by implementing fraud prevention strategies and solutions. Reach out for a complimentary account review and protect your business deposits. Your security is our priority."

– Jake Garcia, VP, Treasury Solutions Relationship Manager

Security Measures to Protect Your Business From Fraud:

1. Verify Payment Instructions:

   • Set up internal procedures to verify any changes to payment instructions.
   • Verbally confirm changes with known contacts before sending funds.
   • Don't process payments based on email alone. Always verify through another method of communication.
     

2. Mobile Device Security:

   • Keep your device and all apps updated, and only install apps from trusted app stores.
   • When installing apps, only allow necessary permissions. Avoid granting access to your contacts, microphone, camera, location, etc., unless absolutely needed.
   • Remove any unused apps from your device.
   • Use a strong passcode to secure your device. Even with fingerprint or face recognition, the passcode is still needed to access your device.
   • Avoid storing sensitive information on your mobile device.
   • Use encryption, and disable features you don't need.
     

3. Password Management:

   • Use strong, unique passwords at least 12 characters long.
   • Don't share passwords in person or by phone, text, or email.
   • Include a mix of letters, numbers, and special characters in your passwords.
   • Use a password manager to securely create and store passwords.
     

4. Computer Security:

   • Keep your operating system and software up to date.
   • Enable two-factor authentication (2FA) for all online accounts, including email, banking, credit cards, shopping, etc. Passwords alone aren't enough to secure your accounts.
   • Install and maintain antivirus software.
   • Password-protect your computers, and use fingerprint or face recognition if available.
   • Make sure the built-in security features are turned on for your devices.
   • Use encryption for laptops and portable devices.
     

5. Email and Internet Browsers:

   • Be cautious when opening unsolicited emails. Watch out for phishing attempts that try to steal your login information, trick you into clicking on dangerous links, or convince you to open harmful attachments. Be wary of emails with unusual requests, a sense of urgency, or unexpected links and attachments.
   • Before entering sensitive information like passwords or credit card details, make sure the website address starts with "HTTPS://" to ensure a secure connection.
   • Always log out of password-protected websites when you're finished using them.
   • Be careful when installing browser extensions or add-ons. Only install them from trusted sources, and remove any that you no longer need or use. 

6. Cybersecurity Controls:

   • Keep a record of your security measures.
   • Train employees about potential threats, and hold regular security awareness sessions to cover:
     • How to spot and report suspicious activities
     • How to handle sensitive data properly
     • How to follow security best practices
     • Use of two-factor authentication (2FA) for logging into devices and applications, especially for all online accounts
   • Use bank fraud protection services, such as:
     • Positive pay (which matches checks presented for payment against a list of checks issued by your company)
     • ACH filters and blocks (which limit who can make electronic withdrawals from your account)
     • Dual control (which requires two people to approve transactions)
       

7. Information Security:

• • Identify and classify the sensitive information your business collects, processes, and stores.
  • Keep only the data you need, and securely get rid of information that's no longer necessary.
  • Put appropriate security measures in place to protect sensitive data, such as encryption, access controls, and secure backup systems.
  • Create a clear plan for responding to security incidents and keeping your business running, and regularly test and update these plans.
  • Thoroughly check the security of any outside vendors or service providers you work with.
  • Include specific security requirements in contracts with vendors, and regularly verify that they're meeting these requirements.
    

Businesses should also watch out for common fraud schemes targeting them, such as:

• Business email compromise (BEC) — where fraudsters impersonate company executives or vendors to trick employees into sending money or sensitive data
• Vendor email compromise — where fraudsters hack into vendor email accounts to request fraudulent payment
• Payroll diversion — where fraudsters pose as employees to change direct deposit information and redirect paychecks

To prevent and detect these types of fraud, businesses should:

• Verify payment instructions through multiple channels, not just email
• Train employees to identify and report suspicious emails
• Require strict approval processes for any changes to vendor or payroll information

Being a target of fraud is not a matter of if, but when. By staying informed, putting comprehensive security measures in place, and creating a culture of vigilance, businesses can reduce the risks of fraud and ensure a more secure future.