Tips to Prevent Losses to Your Company Due to Electronic Transfer Fraud

Fraud Prevention

In light of the recent news regarding businesses and municipalities losing money due to electronic transfers, here are some best practices for you to review with your company.

According to the FBI, in 2020, businesses reported losses exceeding $4.1 billion which is a 69% increase from the reported incidents in 2019. These are just the reported incidents; the actual losses are likely much higher.

These incidents involved electronic transfers that are usually a wire transfer or an ACH transfer initiated by a company to another party. These transactions are processed the same day (some ACH transactions cannot be done this way) and are perfect options for criminals. Once the funds leave your account, they cannot be stopped.

To help your company avoid these losses, please review the following with your teams: 

• Train your employees on ways to identify phishing emails and only click on links or attachments in emails if they know the sender, are expecting the email, and they hover over the link to determine its destination. Potential phishing emails should not be replied to or forwarded to others within your company.

• Train your employees on social engineering attempts. This includes someone threatening or pretending to be law enforcement or even a bank to ask for information or direct an electronic transfer. This could also include receiving a phone call or email from someone that appears to be a trusted vendor, your CEO, or even a family member but is really a criminal instead.

• Require a call back verification to a known good number on file for any emailed or faxed electronic transfer requests.

• Require verification procedures for any requests to change banking information for an existing vendor/payment.

• Require verification procedures for new vendors set up in your systems prior to paying any invoices.

• Contact your insurance company to review your coverage for any electronic transfers sent by your company based on a bad email; FDIC insurance does not cover these types of losses.

• Set up dual approvals for any electronic transfers initiated by your company.

• Enroll in Positive Pay to protect your accounts against unauthorized checks and ACH activity.

These best practices are in addition to the technical and physical controls you should have in place to protect your environments. 

We plan to host a cyber related seminar in the fall of 2021 for the Bank’s Business Leadership Forum with more information found by clicking here. In the meantime, please view our previously recorded presentation on cyber incidents.

For more information on business email compromise, please visit this website from the FBI.

If you would like to speak to someone about ways to protect your accounts, reach out to our Cash Management Advisory Team or your local Enterprise Banker.

More Learning

Common Phone Scams on the Increase

Since the beginning of 2022, there has been a substantial increase in scams targeting unsuspecting victims through fake phone calls, text messages or emails.

Banking 101: What is FDIC Insurance?

FDIC Insurance protects bank depositors against the loss of their insured deposits in the event that an FDIC-insured bank or savings association fails.

Banking 101: What is a Money Market Account?

A Money Market Account (sometimes referred to as a Money Market Demand Account or MMDA) is an interest-bearing savings account which also has features of a checking account.

Leaving Site Confirmation