Whether it’s a compromised email, ransomware, mail theft, or other criminal attempts, fraudulent schemes continue to trend upward and can cost businesses and consumers alike.
Scammers don’t discriminate when it comes to the size of the businesses they target, putting companies large and small at risk. ‘The best defense is a good offense,’ so you will want to take some proactive steps to help prevent falling victim to online scams or cyberattacks.
Building a strong IT and cybersecurity team is a good first step to help your business put the digital infrastructure in place to make your work environment more difficult to infiltrate.
Ensure your business banking accounts are enrolled in online banking and take the time to set up card controls and account alerts to maintain strong oversight. Remember to not use the same passwords across multiple sites and always ensure your bank has multi-factor authentication for your accounts.
Additional proactive steps that can help protect your business include:
- Reconciling accounts daily to stay organized in real time and mitigate risk.
- Ensuring no single employee has access to every part of the company’s financial accounts.
- Dedicating one secure laptop or workstation for online banking/financials when possible, and avoid using it for email and other online browsing.
- Ensuring all devices are protected and security software is updated (i.e., current security patches and antivirus software).
- Taking inventory of the customer information your business stores, who has access to it, and ensuring it is locked down or destroyed when no longer needed.
Check and Payment Fraud
Check and payment fraud continued to rise in recent years and can have a major impact on businesses and consumers alike, but there are measures you can take to help protect your company, including:
- Invoicing right away if possible. The sooner you get an invoice out after your products or services are sold, the sooner you should or could get paid.
- Requesting deposits when taking orders if possible.
- Offering discounts when taking orders to encourage early payment.
- Accepting cards and offering ACH as a means for payment rather than extending the payable timeline.
- Utilizing positive pay services can help prevent fraud, as details you share with your bank about the checks your business has written can be compared against checks being cashed or deposited to ensure payments match.
- Implementing incoming and outgoing wire alerts.
- Implementing smart safe technology, particularly for large cash deposits, which can help ensure payments are properly tracked and deposited, as well as reduce human error and save employee time.
Phishing and Spoofing
Phishing and spoofing are other common scams that can be costly if you fall victim. Scammers often attempt to spoof legitimate emails, texts and even phone calls that look as if they’re coming from your financial institution.
Be mindful that banks typically do not call you directly, and when in doubt, you can always hang up and call your local branch or the bank’s customer service line to verify if the call is legitimate.
These scams often involve asking for sensitive information to be provided “urgently” or asking recipients to click a link that allows malware and other programs to be installed on devices. It is important to review emails and other requests for sensitive information closely to look for warning signs of fraud and never click a suspicious link.
Phone scams also continue to increase, with criminals spoofing real phone numbers for businesses to give the appearance their calls are legitimate. These scams not only impact you and your business, but can also be detrimental to your customers if your organization’s numbers are spoofed.
If Your Business is a Victim of Fraud
It is important to have an incident response plan in place to help you act quickly. Talk to your insurance provider to see if they offer cybersecurity policies and incident response services. If your business is the victim of fraud or cyber breaches, take these steps:
- Identify what was compromised and consult your IT and security, legal, and finance teams as well as various service providers.
- Contact your financial institutions to freeze your accounts, place a stop payment on missing or stolen checks, report instances of fraudulent charges, get new cards and account numbers.
- File a police report and ensure you’re also following any other reporting requirements for law enforcement and regulatory agencies.
Education can be the most powerful tool to prevent fraud, so ensure employees receive regular training to help protect your company and themselves. For more tips and resources, visit WSFS’s Knowledge Center and Security pages.
- Report suspicious cyber fraud to the FBI: https://www.ic3.gov/
- Fraud Resources from the FTC: https://reportfraud.ftc.gov/#/
- Caller ID Spoofing Resources: https://www.fcc.gov/spoofing
Ray Abbott is senior vice president, head of cash management at WSFS Bank. He has 35 years of experience in the financial services and banking industry. Ray is the Delaware United Way’s Banking Sector Campaign Chair, and a member of the Delaware Bankers Association’s Electronic Fraud Task Force, the Pennsylvania Association of School Business Officials, and the Association for Financial Professionals. He received his bachelor’s degree in business and economics from the University of Pittsburgh and an MBA in accounting from Saint Joseph’s University.