HELP PROTECT YOUR BUSINESS FROM FRAUD
Implement the Layered Defense Approach
Fraud comes at your business from any number of sources. The solution: a layer of safeguards that include strong tools, best practices and support. Combined, these create the Layered Defense Approach for cyber security and help protect your business from fraud.
BUSINESS EMAIL COMPROMISE
Protecting your business can feel like a moving target – as new fraud schemes arise; you must adjust and add extra security measures. Fraudsters use various techniques, from simple scams such as spoof domains to hacking into your company’s network. Fraudsters play on employee’s emotions by impersonating company leaders including CEOs, CFOs, HR, Finance and Legal as well as vendors and other partners.
EDUCATE YOUR EMPLOYEES AND SET THE CULTURE
What is BEC fraud?
Why do they call it CEO fraud?
Invoice Fraud
Best Practices to Consider
- Create company policies.
- Call the requester or visit in person
- Validate payment instructions with details on file
- Implement multiple approvals for large remittance amounts
- Implement approval protocol when executives initiate a transaction
- Set checks and balances
- Provide scenarios that resonate with daily activities and functions.
- Ensure employees understand how to decipher fraudulent emails and URLs.
- Do the details in the email match?
- Supply employees with instructions if they suspect or experience fraud. It is important to act quickly. What should you do?
- If your business is targeted, remember to alert Vectra Bank and your IT department immediately, and file a complaint with the IC3.
- Source: FBI Internet Crime Complaint Center (IC3)
TECHNOLOGY
- Build in system controls within the IT portion of your business to map existing workflows for ACH and wire payments. Identify weaknesses that could expose you to risk.
- We are in your corner and dedicated to serving as a resource. For information on fraud prevention service and tools, please contact Vectra Bank.
THE LAYERED DEFENSE APPROACH
Fraud attacks can come from anywhere. Help protect your business by combining strong tools, best practices and support to create the Layered Defense Approach. When you do, you achieve the 4 key industry-standard measures for cyber security:
 |
- Sound, easily managed fraud monitoring capabilities
- Multilevel authentication to validate and restrict access to your accounts
- Secured web browsing with deep online coverage
- An adaptive security platform , customizable to your business
Implemented effectively, the Layered Defense Approach can help you reduce your company’s risk of falling victim to fraud.
STRONG TOOLS
Strong Tools are a part of how you build your Adaptive Security Platform. And Vectra Bank helps make a suite of security tools available to your business.
BEST PRACTICES
Best Practices are in your control. Start implementing them today, if you haven’t already. And know that Vectra Bank implements its own practices behind the scenes to help protect your information too.
FRAUD PREVENTION BEST PRACTICES
With fraud coming at your business from both inside and out, vigilance is one of your best defenses. Vigilance in paying attention to employee and outsider behavior and ensuring you have the right tools and support in place.
- Separate financial responsibilities and access rights among employees
- Watch for behavioral red flags from employees like living beyond one’s means, refusal to take vacations or unusually close association with a vendor or client
- Implement an accounts receivable fraud-fighting solution
- Conduct online financial transactions on one or a few computers that don’t allow for any other type of Internet usage
- Reconcile accounts daily to find unauthorized ACH debits
- Follow the online precautions recommended in the Online Account Takeover section below
- Implement an ACH payments fraud-fighting solution
- Call a number already in your records and verify all new or updated payment instructions
- Set transfer limits
- Implement a wire fraud-fighting solution
- Only make purchases from trusted, secure web sites
- Set up Card Alerts and Mobile Card Fraud Alerts for your debit or credit card
- Review account activity frequently
- Set usage restrictions for transaction type and amount
- Implement a credit card fraud-fighting solution
- Pay your bills online
- Mail all bill payment checks directly from the post office
- Use a special "check writing" pen, available at most office supply stores
- Order checks with chemically-sensitive paper
- Check your bank account often to see which checks have cleared
- Recognize signs of bad checks, including no perforations, missing check numbers, mismatched fonts, handwritten additions, missing address and stains or discolorations
- Be wary of a low check number (101–400 on personal checks or 1001–1500 for business checks); 90% of bad checks are written on accounts less than 1 year old
- Implement a checks fraud-fighting solution
- Keep basic computer security features up-to-date, including operating systems, firewalls and antivirus software
- Never download or install files from unknown sources
- Don’t click on web ads or pop-ups
- Access the Vectra Bank® web site by typing or bookmarking www.vectrabank.com instead of clicking links in unexpected emails
- Look for the “s” in https://www.vectrabank.com when you arrive at the Vectra Bank web site.
- Don’t respond to unsolicited emails, open the links in them or view attachments to them
- Be aware of inappropriate web surfing on computers you use to access online banking as that’s how a lot of malware is loaded onto a computer
- Implement an online account takeover/enrollment fraud-fighting solution
- Review your accounts every day
- Never send financial information using regular email, which is insecure and easily compromised
- Educate employees about fraud risks and how to avoid threats
- Set strict password criteria
- Regularly review privacy policies and get rid of sensitive, unnecessary client information
- Notify Vectra Bank immediately if you suspect fraudulent activity on your account, possible compromised credentials, a stolen device or cards, etc.
- Review your bank account and service agreements. They include both customer protections (like Zero Liability) and responsibilities. For example, under a Vectra Bank Treasury Management Master Services Agreement, you’re responsible for Internal Security Controls and all instructions Vectra Bank receives with your Access Credentials even if not actually sent by you
- Discuss cyber theft protection with your insurance provider to determine if it makes sense for your organization
- Implement fraud-fighting solutions as part of The Layered Defense Approach
FRAUD-FIGHTING TOOLS
Find the support your business needs to help fight fraud by implementing the Layered Defense Approach. These fraud-fighting tools act as the Adaptive Security Platform for your Layered Defense Approach. Implement them and spend your time reaching your business goals instead of potentially recovering from fraud.
Three different tools that can ease the collection of receivables collections and posting processes. Helps prevent:
- Accounts receivable fraud
- Employee embezzlement
- Check fraud
A notification service that can give your business increased control over which checks or ACH items post to your account. Helps prevent:
- ACH fraud
- Employee embezzlement
- Check fraud
A service that lets your business deposit checks right from your office with a certified scanner. Helps prevent:
- Check fraud
A feature of Vectra Bank® Business Online Banking that helps segregate duties and manage user access for any payment or administration function. Helps prevent:
- Wire fraud
- ACH payments fraud
- Employee embezzlement
- Account enrollment/takeover
Dual Control is available with many Vectra Bank Treasury Management solutions including Positive Pay, Anytime Gateway, Outsourced Disbursement and more.
A valuable component of Vectra Bank Business Online Banking that lets only an authorized representative complete an outgoing electronic payment and for only up to a specified dollar amount. Helps prevent:
- Wire fraud
- ACH payments fraud
- Employee embezzlement
- Account enrollment/takeover
A security chip present in all Vectra Bank debit and credit cards. Vectra Bank will also offer updated POS devices to help businesses make credit card transitions as chip cards become standard. Helps prevent:
- Merchant services loss
- Card loss
A security enhancement that uses a one-time password to further protect and authenticate a business’s online transactions. Helps prevent:
- Merchant services loss
- Card loss
A tool that lets you decide which ACH transactions your business posts in order to better avoid unauthorized charges. Helps prevent:
- ACH payments fraud
An automated consolidation tool that gives your business more efficient ways to process large volumes of payables and reduce expenses. Helps prevent:
- Check fraud
THE FRAUD LANDSCAPE
Everyday behaviors cost North American companies roughly $3.5 billion annually. (Source: CyberSource® 2013 Online Fraud Report)
Not only does fraud cost businesses’ bottom lines, it can cost their customers, their reputations and their credibility. Some of the most prevalent fraud schemes businesses face today are outlined below.
PROBLEM: Accounts receivable (AR) fraud comes entirely from within your company. Your own employees can steal funds, both online and offline, and alter records with fake write-offs, fictitious balancing and fraudulent debiting. One of the more common AR fraud schemes is called lapping, where employees continuously steal customer payments to cover their theft of previous customer payments.
SCOPE: According to estimates, 80% of the fraud cases are asset misappropriations, including accounts receivable fraud. (Source: Report to the Nation on Occupational Fraud and Abuse. Association of Certified Fraud Examiners (ACFE), 2002.)
PROBLEM: ACH Payments fraud can come from employees or outside criminals. It’s one of the easiest ways to defraud your company. All a perpetrator needs is a checking account number and bank routing number, which are frequently collected with the help of Trojans and other malicious software.
SCOPE: In 2014, 22% of organizations were affected by ACH debit fraud while 9% experienced ACH credit fraud. (Source: 2014 AFP Payments Fraud Survey)
PROBLEM: Wire fraud can come from employees or outside criminals. Employees commit wire fraud by creating fake vendor accounts to pay themselves. Outsiders pose as vendors you already work with and request payments, usually by email or phone.
SCOPE: In 2013, 14% of businesses were victims of wire transfer fraud. (Source: 2014 AFP Payments Fraud Survey)
PROBLEM: Credit card theft is one the most prevalent methods of fraud. Card data is usually stolen when you make a purchase on a fake web site or fall victim to phishing. Criminals steal credit card data virtually then proceed to spend your money on withdrawals or purchases.
SCOPE: 65% of organizations discovered they’d had credit card data stolen and then used to make fraudulent transactions in 2013. (Source: RSA-2013 Fifth Annual Online Fraud Benchmark Report). For businesses that experienced attempted or actual payment fraud in 2012, 43% cited credit cards as the method used. (Source: 2014 AFP Payments Fraud Survey)
PROBLEM: It’s easy today for fraudsters to make fake checks. Such “bad checks” often accompany lottery scams, check overpayment scams, Internet auction scams and secret shopper scams. Check washing involves erasing written details from a check. Criminals use a “washed” check to make fraudulent withdrawals and commit other types of theft. Checks are usually stolen from mailboxes when a bill payment is mailed.
SCOPE: In 2013, 82% of organizations experienced actual or attempted check fraud. (Source: 2014 AFP Payments Fraud and Control Survey)
PROBLEM: When a criminal gets hold of personal or login information, he can sign up for credit cards in your name, transfer or steal your money—all while posing as you. Online, this type of fraud happens thru phishing attacks, malware installed on your computer and phony web sites that seem legitimate, but actually steal your login credentials.
SCOPE: Of the businesses that detected a fraud attempt in 2012, 71% reported that the scheme was an online account takeover with fraudulent money transfer. (Source: RSA-2013 Fifth Annual Online Fraud Benchmark Report).
REACH OUT TO A TREASURY MANAGEMENT OFFICER
If you need assistance determining which products are right for you or have any questions please call 800-341-8156, email tmsupport@vectrabank.com or complete the form below.