As our daily lives move online more and more, nefarious scammers are on the lookout for their next victim. Their goal is to trick you into sending them your hard-earned money electronically. So how do you avoid these types of scams and keep your money safe? We will go over best practices recommended by the National Automated Clearing House Association (NACHA) as well as some of our own tips to protect you from becoming a victim. Lastly, we’ll go over a few other scams to be aware of. Let’s begin!
Best practices
Pick up the phone
When in doubt, call the person contacting you to verify the payment information whether it’s a business partner, colleague, or vendor asking for payment. Dial the number yourself and don’t rely on numbers from email signatures or texts. Always confirm changes by calling and don’t only rely on emails or texts.
Be wary of unfamiliar payment information
Any time new account information is provided for a regular wire payment you should be skeptical and act with caution.
Don’t click links and attachments right away
Even if the message you receive appears to come from a trusted source, it may be a scammer phishing for sensitive information like your password, account information, or other sensitive information. Links sent by scammers can contain malware, so you want to be especially careful before you click one.
Confirm email addresses
Your eyes can deceive you. It’s very common for fraudsters to make email addresses that look just like legitimate addresses. They’ll copy company email naming conventions that they find online and tweak them just enough to trick you so review addresses carefully!
Question urgency
If the request you receive states that funds need to be sent right away, you’re most likely dealing with a fraudster. A key sign that this is the case is the requestor saying that they only want to be communicated with through email.
Know your people
So, you’re considering working with a new company. What should you do to make sure they’re trustworthy? One way to find out is to do some research online. Search for the company’s name followed by the word scam or complaint.
Watch what you post
Being mindful of the information you post on social media and company websites is always a good idea. Fraud can be committed using this information and the last thing you want is for a tweet or photo you post to be the reason the fraud was successful.
Consolidate your financial information
Keeping your financial information on a minimal number of devices helps reduce the risk of your information being accessed by unauthorized users.
Make security part of your everyday
By using multi-factor authentication, you help make your information that much harder to be accessed by the wrong individuals. This includes dual control for electronic fund transfers.
Let technology help
There are systems that can be set up to flag emails with suspicious extensions like company emails (such as, .co instead of .com). The more email variations you can register, the better.
In addition to email flagging systems, there are anti-virus programs that watch for behavior anomalies, not just signatures.
Lastly, make sure your business systems are regularly updated for greater security.
Scams to look out for
Business Email Compromise (BEC)
At the top of our list for a good reason, BEC scams target companies that regularly make wire transfers. This is done through phishing emails that impersonate trusted senders. All it takes is one employee to click a suspicious link, provide their password, business bank account, or other confidential information for the criminal to have access to the employee’s email account. Using email patterns, the fraudster will learn which individuals request and initiate wires. Read more about BEC here.
Senior executive spoofing
This kind of scam involves an employee receiving a transfer request from a scammer posing as a company executive via email. Again, the email address will closely match the company’s official domain so look carefully. Often the email is made to appear like it’s coming from the CEO or other individuals high up on the organizational chart. In reality, the email is coming from a hacked or spoofed account that looks legitimate. Using their perceived authority puts pressure on the employee to quickly help them with a transfer.
Vendor Spoofing
In this scam, an employee receives an email or call from a vendor they work with regularly asking for a change in payment instructions. Not validating the process and confirming the request, the well-meaning employee transfers money over to the fraudster’s account. The reason these scams work is that they look extremely realistic compared to the types of requests typically received from a trusted vendor.
At Core Bank, we want our customers to succeed. Whether we do this by helping you stay on top of best practices for online security or offering comprehensive banking services, like online and mobile banking, we’re here to help! Please contact us if you have any questions.
Core Bank, you at the core.