Nearly 75 percent of organizations were targets of a cyberattacks in 2020. Fraud activity is on the rise, leaving businesses of all sizes at risk. Alleviating fraud should be top-of-mind for business leaders, and organizations should actively implement controls and measures to restrict the occurrence of such activity. Not only can cybercrime hurt a company’s bottom line, but when left unchecked, it can limit a company’s growth.
As a result of the COVID-19 pandemic, many businesses across the country moved some or all their operations online. Although this move has resulted in better customer reach and employee safety, it has also led to a rise in criminal activity, including cyber fraud.
Cyber fraud can be difficult to combat because cybercriminals are very tech-savvy and good at posing as legitimate sources. They seek out victims via email, malware, phone calls and fraudulent websites.
Cybercrime can make it more difficult for businesses to grow and achieve their financial goals. To help you and your employees know how to spot cyber fraud, here are some of the most common ways cybercriminals try to access systems and obtain information.
Phishing. Phishing happens when cybercriminals send fraudulent emails or direct business owners to websites that ask for private, sensitive information, including bank account and credit card details or login credentials. To prevent this, users should ensure the source is trustworthy. If anything looks unfamiliar or off-brand, do not click on links or hand over sensitive information because it could be a cybercriminal trying to gain system access
Identity Theft. This involves cybercriminals breaching firewalls and security systems to steal personal, sensitive information, including credit card numbers, login credentials and a host of other essential data that could leave a company vulnerable. Once the cybercriminal has this information, they can open accounts in your name or steal money. Businesses are also facing the theft of information such as tax ID for obtaining fraudulent loans.
Merchant Identity Fraud. This occurs when a cybercriminal sets up a merchant account that appears legitimate but charges stolen credit cards. Before credit card holders even learn of the fraudulent payments, the criminals are often long gone. A recent report by Signifyd estimates that, when all is said and done, the total cost of merchant identity fraud on a $100 sale is about $196 once fees are factored in.
Business Email Compromise: The 2021 AFP Study states that BEC was the primary source of payments fraud attacks at organizations in 2020. Business Email Compromise is one of the most financially damaging online crimes. It exploits the fact that so many of us rely on email to conduct business—both personal and professional. In a BEC scam, criminals send an email message that appears to come from a known source, thus making it appear to be a legitimate request.
Checks and Wire Transfers. Also according to the 2021 AFP Study, checks and wire transfer continue to be the payment methods most impacted by fraud activity (66 percent and 39 percent, respectively). Positive Pay continues to be most popular method to control check fraud.
Fortunately, there are steps businesses can take to fight back and protect their businesses from cybercriminals, including:
Provide loss prevention training to employees. It’s one thing for a business owner to know the signs of cybercrime or how to identify phishing emails, but what about employees? Educating employees on the threat of BEC and training them to identify spear phishing attempts are important components in controlling BEC. This is critical if employees are working remotely and so have minimal in-person interaction.
Check software and passwords. Make sure all computer software has been updated to the current version. Also make sure all passwords are random and use numbers and symbols as well as upper- and lower-case characters. A good password manager helps, too.
Search internet addresses and phone numbers you don’t recognize. Even the best phishing emails have web addresses (URLs) that look strange. Search them on the internet. Chances are someone has reported them if they are scams. Do the same with phone numbers you don’t recognize.
Work with your bank. We have products and services that can help you and your employees prevent financial fraud and identity theft:
It’s important to note that cybercrime has broad implications for all businesses. With the right systems and protocols in place, businesses can operate with peace of mind knowing customer data and financial information is secure. Security also makes it easier to focus on one of the most important things today: growing your business.
Brendan Morse is the Treasury Management Banking Officer, SVP, of Citywide Banks.