Safeguard Your Business From Cybercrime
By Andrew White, Senior Treasury Management Banking Officer, Arizona Bank & TrustBen Hass, Treasury Management Banking Officer Senior, SVP, Bank of Blue ValleyBrendan Morse, SVP Treasury Management Banking Officer Senior, Citywide BanksBen Gander, SVP, Treasury Management Leader, Dubuque Bank and TrustVince Vasquez, Treasury Management Banking Officer Senior, SVP, FirstBank & TrustRobin Scott, Senior Vice President, Senior Treasury Management Officer, Illinois Bank & TrustTony Ebertz, Vice President, Senior Treasury Management Officer, Minnesota Bank & TrustKenneth Romero, Senior Treasury Management Officer and Market President, New Mexico Bank & TrustKevin Vralsted, Treasury Management Banking Officer II, VP, Rocky Mountain BankLo Nestman, President and CEO, Premier Valley BankSteve Clark, Senior Treasury Management Banking Officer, Wisconsin Bank & Trust
Nearly 75 percent of organizations were targets of cyberattacks in 2020. Fraud activity is on the rise, leaving businesses of all sizes at risk. Alleviating fraud should be top-of-mind for business leaders, and organizations should actively implement controls and measures to restrict the occurrence of such activity. Not only can cybercrime hurt a company’s bottom line, but when left unchecked, it can limit a company’s growth.
As a result of the Covid-19 pandemic, many businesses across the country moved some or all their operations online. Although this move has resulted in better customer reach and employee safety, it has also led to a rise in criminal activity, including cyber fraud.
Cyber fraud can be difficult to combat because cybercriminals are very tech-savvy and good at posing as legitimate sources. They seek out victims via email, malware, phone calls and fraudulent websites.
Common Cyber Fraud Schemes
Cybercrime can make it more difficult for businesses to grow and achieve their financial goals. To help you and your employees know how to spot cyber fraud, here are some of the most common ways cybercriminals try to access systems and obtain information.
Phishing. Phishing happens when cybercriminals send fraudulent emails or direct business owners to websites that ask for private, sensitive information, including bank account and credit card details or login credentials. To prevent this, users should ensure the source is trustworthy. If anything looks unfamiliar or off-brand, do not click on links or hand over sensitive information because it could be a cybercriminal trying to gain system access.
Identity Theft. This involves cybercriminals breaching firewalls and security systems to steal personal, sensitive information, including credit card numbers, login credentials and a host of other essential data that could leave a company vulnerable. Once the cybercriminal has this information, they can open accounts in your name or steal money. Businesses are also facing the theft of information such as tax ID for obtaining fraudulent loans.
Merchant Identity Fraud. This occurs when a cybercriminal sets up a merchant account that appears legitimate but charges stolen credit cards. Before credit card holders even learn of the fraudulent payments, the criminals are often long gone. A recent report by Signifyd estimates that, when all is said and done, the total cost of merchant identity fraud on a $100 sale is about $196 once fees are factored in.
Business Email Compromise. BEC was the primary source of payments fraud attacks at organizations in 2020. Business Email Compromise is one of the most financially damaging online crimes. It exploits the fact that so many of us rely on email to conduct business—both personal and professional. In a BEC scam, criminals send an email message that appears to come from a known source, thus making it appear to be a legitimate request.
Checks and Wire Transfers. These continue to be the payment methods most impacted by fraud activity (66 percent and 39 percent, respectively). Positive Pay continues to be the most popular method to control check fraud.
How to Fight Back
Fortunately, there are steps businesses can take to fight back and protect their businesses from cybercriminals, including:
Provide loss prevention training to employees. It’s one thing for a business owner to know the signs of cybercrime or how to identify phishing emails, but what about employees? Educating employees on the threat of BEC and training them to identify spear phishing attempts are important components in controlling BEC. This is critical if employees are working remotely and so have minimal in-person interaction.
Check software and passwords. Make sure all computer software has been updated to the current version. Also, make sure all passwords are random and use numbers and symbols as well as upper- and lower-case characters. A good password manager helps, too.
Search internet addresses and phone numbers you don’t recognize. Even the best phishing emails have web addresses (URLs) that look strange. Search them on the internet. Chances are someone has reported them if they are scams. Do the same with phone numbers you don’t recognize.
Work with your bank. We have products and services that can help you and your employees prevent financial fraud and identity theft:
- There are effective best practices that organizations can use to mitigate the risks of payments fraud and potential financial loss. These include risk management protocols and procedures, fraud prevention services and digital payment processes.
- Businesses that adopted fraud mitigation technology were able to eliminate the hours and cost it takes to monitor account activity and re-direct those hours to tasks that focused on generating revenue and reducing costs in other areas of the business.
- Our fraud tools will monitor accounts for you, significantly reducing the risk of financial loss. When fraud occurs, you simply allow the system to return the fraudulent transactions and the funds will be credited back to your account. A new account will not be needed, which avoids potential disruption in business operations.
- Review your payables strategy. Oftentimes, it’s more cost effective and timely to utilize ACH or a credit card instead of a check. Daily reconciliation can be used to safeguard against attacks on security credentials.
- To safeguard your money and hard work, we recommend both Check and ACH Positive Pay. Both provide protection for their respective payment types by cross-referencing payment details submitted by your company with the payment being made. Illinois Bank & Trust is uniquely positioned to help your organization because we take the time to understand your operations and have the expertise and solutions to tailor a strategy that mitigates the risk.
It’s important to note that cybercrime has broad implications for all businesses. With the right systems and protocols in place, businesses can operate with peace of mind knowing customer data and financial information is secure. Security also makes it easier to focus on one of the most important things today: growing your business.
An Infographic From the ACFE Study
Contact us today.
Or let us contact you.