Payment fraud looms large in today’s digital business environment.
From phishing attacks and Business Email Compromise (BEC) to account takeovers and phony invoices, sophisticated fraud schemes can wreak havoc on an organization’s finances and reputation. Financially, organizations may suffer huge monetary losses, affecting liquidity, profitability, and operational stability. Beyond the immediate financial losses, reputational damage can erode trust with customers, suppliers, partners, and investors, and potentially tarnish an organization’s brand.
By understanding the mechanics of common payment fraud schemes and deploying effective prevention strategies, treasurers can mitigate risks and safeguard the organization’s financial assets.
As the guardians of financial integrity, treasurers play a pivotal role in mitigating the risk of payment fraud. On top of transactional oversight, it’s up to treasurers to proactively identify vulnerabilities, implement robust fraud prevention measures, and foster a culture of vigilance across finance.
This article delves into the most common payment frauds and how to defend against them.
Payment fraud schemes: methods, mechanics, and defenses
Fraudsters are continuously evolving their tactics, exploiting vulnerabilities in processes and communication channels to perpetrate their schemes. To safeguard their organization’s financial assets, treasurers must understand the mechanics of the most common payment fraud schemes.
- Phishing attacks. In phishing attacks, fraudsters craft deceptive emails, messages, or websites that appear legitimate to trick recipients into divulging sensitive information. These communications typically impersonate trusted entities like banks, suppliers, or colleagues, urging recipients to click on malicious links or attachments. Some emails try to trick recipients into entering their credentials for a financial system.
CMLI Best Practice: There are strategies that treasurers can use to mitigate the risk of falling victim to phishing attacks. First, train staff to recognize phishing red flags such as generic greetings, urgent demands, or suspicious links. Deploy robust email filtering systems to detect and block phishing attempts before they reach employee inboxes. And require multi-factor authentication (MFA) for access to critical systems and accounts to prevent unauthorized access even if credentials are compromised.
- BEC. BEC involves compromising the legitimate business email account, often through phishing or social engineering. Once access is gained, fraudsters monitor communications and impersonate the trusted party – often, a supplier or senior finance executive – to change a bank account to one that the fraudster controls, initiate fraudulent transactions, or share sensitive information.
CMLI Best Practice: While the Association of Financial Professionals (AFP) reports that BEC is one of the fastest-growing payment fraud schemes, there are steps that organizations can take to prevent falling victim to BEC. Implement Domain-based Message Authentication Reporting & Conformance (DMARC), Domain Keys Identified Mail (DKIM), and Sender Policy Framework (SPF), to verify email authenticity and prevent spoofing. Establish clear procedures for verifying and authorizing fund transfers or bank account change requests. And keep employees up to date on the tactics used in BEC schemes and urge them to be skeptical about unexpected requests, such as expedited payments to a new supplier.
- Account takeover. Account takeover occurs when fraudsters gain unauthorized access to a user’s account for a bank portal, ERP platform, accounts payable solution, or other financial system. Account takeovers can be achieved through phishing, using stolen credentials purchased on the Dark Web, or malware attacks targeting login credentials. Once access is gained to an account, fraudsters can initiate transactions, change bank account details, or steal sensitive data.
CMLI Best Practice: Mitigate your organization’s risk of account takeover by enforcing strong password policies. Consider implementing biometric or token-based authentication password methods. Additionally, deploy monitoring tools to detect unusual account activities and set up alerts for suspicious transactions or login attempts. And implement role-based access controls and segregation of duties to limit the impact of compromised accounts.
- Phony invoices. Phony invoices are cases where fraudsters create fraudulent invoices for nonexistent goods or services or alter legitimate invoices to divert payments to bank accounts that they control. These types of schemes exploit vulnerabilities in the invoice approval process or poor communication between buyers and vendors.
CMLI Best Practice: Stop phony invoices in their tracks by conducting thorough background checks on new vendors, including verification through independent sources. Implement dual-control processes for approving invoices and verify the authenticity of payment requests before processing. And perform periodic audits of your payables to detect anomalies invoice patterns or unusual payment requests.
- Fraudulent bank account change requests. In these schemes, bad actors attempt to redirect legitimate payments by submitting fraudulent requests to change the bank account details of suppliers. These scams often are initiated through compromised email accounts or social engineering tactics.
CMLI Best Practice: Organizations can reduce their risk of being tricked by implementing stringent procedures for verifying any changes to bank account information. Require dual verification through multiple authenticated channels and consider deploying a solution for automatically verifying bank account ownership. Establish policies for notifying relevant stakeholders of any changes to payment details and confirm such changes through trusted communications (in other words: not email). And educate employees about the risks associated with account changes and emphasize the importance of verifying requests.
Protecting your organization from payment fraud requires a comprehensive understanding of how these schemes work and a proactive approach to mitigating risks. By enhancing employee awareness, implementing robust security measures, and establishing strict verification protocols, treasurers can significantly reduce vulnerabilities and safeguard their organization’s financial health.
Safeguard your financial assets
Treasurers play a pivotal role in protecting the financial health of their organization. It’s imperative that treasurers remain vigilant and proactive in the face of evolving fraud schemes.