Protecting Your Company From Wire, ACH & Check Fraud
February 07, 2023
Bank fraud is on the rise, as hackers have become increasingly adept at convincing unsuspecting victims to send them money via check, electronic wiring or Automatic Clearing House (ACH) networks.
Fortunately, there are plenty of ways to ensure you don’t become one of the nearly 3 million Americans who get scammed each year.
Types of Fraud to Watch For
When you think of getting hacked, wire or ACH fraud is likely what comes to mind first. Here, hackers steal your or your company’s information electronically using sneaky methods known as “phishing.” From scam emails to odd phone calls, AARP reported nine in 10 people in the U.S. have encountered at least one wire fraud attempt in the last year alone.
Check fraud, while less common, is equally dangerous. Any time you hand someone a check, you hand them your bank information. This comes with big risks in a variety of forms, including forgery, theft, paper hanging, check kiting, washing and counterfeiting.
Fraud Prevention Best Practices
Hone Your Email Sleuthing Skills
Email scammers will often pose as either a well-known business or, even more unsettling, a client, contact or friend. However, there are a few dead giveaways that make an email untrustworthy:
- Address: Easy yet effective, simply click on the sender’s address. If it doesn’t match that of someone you know or an official company website, it’s likely spam. Be careful to check for even one letter that may be off in the email address. To verify an email you received in Gmail, you can see where the email came from by looking at its headers, including how it got from the sender to the recipient’s mail servers. To view your email’s full headers, open Gmail in a browser and click on the email you want to check for headers. Next to ‘Reply,’ click ‘More’ and ‘Show Original.’
- Urgency: Anything along the lines of “Act now” or “You have 48 hours to…” is a huge red flag. Fraudsters typically request for funds to be sent right away.
- Typos: Poor spelling and grammar, strange wording and messaging that seems overall “off” could mean the sender is somewhere overseas — just waiting for you to wire your money.
- Format: Similarly, if the email is oddly formatted and its design quality doesn’t match what you’d expect from a large corporation, turn on your spam radar and use your best judgment.
Be Wary of Phone Calls
Truecaller’s 2021 report found that the average American receives 31 spam calls per month — up from 28 in 2020 — so you’re probably already an expert at detecting them.
But as a reminder, never agree to extend your car’s warranty, refinance your mortgage or perform any other transaction over the phone unless it comes from a source you know and trust.
Some smartphones call out “Potential Spam” when hackers dial, and there are also call blocking apps that help filter out suspicious numbers. However, these methods aren’t always accurate, so relying on your instinct is best.
Check Your Checks
Vigilance is the best protection against check fraud. While there’s little you can do once a check leaves your hands, there are some ways to proactively keep your information safe:
- Carefully monitor your bank account for fraudulent transactions after sending a check
- Write checks with fraud prevention pens; the ink is harder to change or erase
- Don’t leave your checkbook out in public, and never store it in your car
- Request positive pay or reverse positive pay service from your bank. That way, you are approving every check before it clears your account
Verify Everything, Every Time
Always confirm the authenticity of a wire transfer request with two-step verification: Call vendors or colleagues directly to verify payment information using previous numbers you know are correct.
Additionally, double check all links, both online and in emails. Clicking on malware links may give hackers access to passwords, bank accounts and other sensitive information.
Ramp Up Business Cybersecurity Measures
Entrepreneurs, specifically, must stay on top of cyber risks to keep their business secure. In addition to protecting your own information, it’s essential to protect your customers, clients and company by:
- Installing strong antivirus software on all computers – don’t forget laptops and other hardware used by remote employees
- Storing data and documents on an encrypted cloud host, rather than a local server
- Implementing two-factor authentication for logins and electronic transfers
- Educating employees on the best practices for detecting fraud outlined above
Regardless of how a hacker may find you, they are always on the hunt. Remember to stop and think before providing personal information, and limit your financial activities to as few machines as possible.