Businesses are primary targets for corporate account takeover, business email compromise and check fraud, especially by organized rings of criminals. Use a combination of precautions to greatly reduce the likelihood of fraud.
- Verify suspicious emails. With business email compromise (BEC) on the rise, verify suspicious emails that requesting personal information or include wire transfer instructions. Chief level, accounting and HR email impersonation is a method employed by perpetrators of BEC to fool victims. Verify with a secondary method, such as a phone call to voice verify, or in person. Addtionally, notify the Bank of any changes to key personnel members or in the accounts payable process.
- Utilitize dual controls. When processing high risk/dollar transactions, utilize dual controls where one authorized user enters transactions while another authorized user approves and transmits the transactions. To prevent email compromise and impersonation, use two factor authentication to secure your account.
- Maintain adequate physical security of your checks, deposit slips, etc.: Secure all reserve supplies of checks, deposit slips and other banking documents in a locked facility and limit the number of people with access. Change the locks on your facility when an employee leaves. Never leave checks or bank records unattended.
- Reconcile your account promptly and regularly. Quick fraud detection increases the likelihood of recovery.
- Use Positive Pay, which records pertinent information about each check (the amount, check number, bank information and date) and transmits it to the Bank to be verified before the check can be paid.
- Enable Alerts on your account: Make use of the online banking platform's automated alerts for low balance, email address change, and wire transfers among others.
For more information on Corporate Account Takeover, please visit the ABA's guide here.