In an effort to keep up to date on current business fraud trends, Fluid Tech will pass along as much information as we can find to help small business stay safe from thieves. Our bank is helpful in routinely reminding us of good business practices. Below is an email sent to business customers from the Internet Cash Management team.
FirstBank is committed to keeping you informed of the latest trends regarding fraudulent scams. Recently, we have seen an increase in fraudulent email scams. We have outlined possible scenarios below:
Scenario 1: The e-mail accounts of high-level business executives are compromised. The account may be spoofed or hacked. A request for a wire transfer from the compromised email account is made to a second employee within the company who is responsible for processing these requests. The recipient believes the email is valid because it is from an executive and they initiate the transfer of funds.
Scenario 2: A business is asked via email to wire funds for invoice payment to an alternate, fraudulent account. When a fraudulent e-mail is received, the subject will spoof the e-mail request so it appears very similar to a legitimate account.
Tips to help protect against fraud:
*Protect your login information; never share your password and do not write it down. Keep security tokens in a secure location.
*Use caution when responding to emails, phone calls, or texts asking for your confidential login information, and be certain you are working with known and trusted vendors.
*Always confirm the validity of any new payment request or change in payment instruction by the different method (if you get an email then voice verify).
Implement internal controls:
*Monitor your accounts and reconcile your balances daily to allow for prompt action to address any transaction questions or issues.
*Implement an employee education program and develop a checklist and program of best practices regarding fraud prevention.
*Perform an internal risk assessment for your business to ensure proper controls are in place to protect your business’ financial information.
*Establish dual processing procedures which require one User to initiate and another to approve transactions.
*Implement Dual Custody control which requires two Administrators to make changes to user profiles or permissions.