The Association of Financial Professionals (AFP) conducts an annual payment fraud and control survey—according to the 2016 survey results, published May 2017, a whopping 74% of corporate respondents reported that their company fell victim to payment fraud in 2016, making it the largest year on record. Fraudsters are continuing to succeed in their attempts to attack organizations. The main take-away: ongoing awareness and preparation are key. Check out these top tips from Susan Giffard , Director of Treasury Management & Government Banking at Camden National Bank, Rob Simopoulos , Co-Founder of Launch Security, and Tony Perkins , Attorney and Chief Information Security Officer at Bernstein Shur.
What are the most common kinds of cyberattacks?
First, it’s important to understand where cyberattacks come from and what they typically look like. Rob Simopoulos shares that phishing emails are the most common attack method , and attackers often work to disguise themselves as company employees, customers, or vendors. These emails can often be difficult to identify. According to the FBI’s public service announcement from May 2017, Business Email Compromises (BEC) and email account takeover is now a $5 billion scam that targets unauthorized transfers of funds.
Susan Giffard says that fraudsters can research companies through public websites, press releases, social media, and more. Fraudsters look for ways to trick employees into believing emails with company information are authentic. Be on guard for payment scams—in particular, pay attention to requests that:
- Have a sense of urgency, a call for help, or a need for confidentiality
- Add a new contact at a supplier or vendor representing the company
- Update a payment account, typically without a request for a phone contact
- Indicate a change to payment instructions or payment type (check to wire)
- Communicate a sudden change in business practice
Businesses are also seeing an increase in corporate payment fraud—primarily through fraudulent checks and wire transfers. According to the AFP’s 2016 survey, checks have been (and continue to be) the payment most exposed to fraud, but only 10% of the companies targeted incurred a financial loss as a result. Lack of positive pay and clerical errors were two primary reasons for financial loss due to check fraud. Organizations use positive pay to guard against check fraud; it’s a well-established and effective method of protecting payments.
October was National Cyber Security Awareness Month, and Camden National Bank partnered with Launch Security and Bernstein Shur to offer expert advice on managing fraud and cybersecurity for local businesses. For more information and advice, please reach out to our expert panelists:
Susan Giffard, Director of Treasury Management & Government Banking at Camden National Bank
Rob Simopoulos, Co-Founder of Launch Security
Tony Perkins, Attorney and Chief Information Security Officer at Bernstein Shur