May 01, 2018
Even with the new, "safer" technology of today, both large and small businesses must be aware that they could also be subject to banking fraud. While you may think it's challenging for a hacker to get into your company's financial information and bank accounts, once they get into your information they are going to be off to spend all the money they want and that money will come out of your company's pocket.
Fraud comes in several shapes but can be dissected into three areas: asset misappropriation, corruption and financial statement fraud. Large majority of fraud files under asset misappropriation. This is where employees are found stealing or exploiting a companies resources. Examples include stealing cash before its recorded, false expese reibursement claims or theft of non-cash items.
Corruption, while less than asset misappropriation still makes up a good amount of cases. Corruption such as extortion and bribery, us when employees use their power or influence to benefit themselves while violating their role required of the employer or company.
Financial statement makes up significantly less of the pie regarding financial fraud including items such as intentionally mispreseneting or mistating information on financial reports.
Protecting your company against this sort of fraud can seem like a daunting task1 to many business and CTOs. However, the good news is that the following are 3 ways that businesses can take action with to help make it harder for hackers to steal their company's financial information:
Use Multi-Factor Authentication: Use more than one way of authenticating your information and proving your identity when you get up your company's security system for your financial information. Setting up your software to require employees or others accessing your account to authenticate their identity in several ways will help ensure that no one who isn't supposed to have access to your banking information does not get in. Protecting your information so no one who shouldn't have access can get access if the first step in protecting your information. Moreover, remember, once fraudulent users are into your information, they are free to do the damages and spend all the money out of your account that they wish. If you use 3rd party services for communication and transaction information, make sure they have muti-factor authentication to make sure that you are not passing sensitive information that could be intercepted. File sharing and digital drives that store information should be secure. Beware of free file sharing and communication as these are not typically secure and if they say they are secure, look for multi-factor authentication before using.
Monitor Your Company's Transactions: No matter how big or small your company is, monitoring your business transactions is key to ensuring that there is no suspicious activity occurring in your account is vital to keeping your business accounts safe as possible. Set up a regular schedule on which you check your accounts and see what activity may be happening that you did not initiate. If you didn't initiate certain activity in your account, contact your bank to report the activity as fraudulent immediately so that it can be stopped before the activity continues and gets out of hand. Sign up for banking alerts - many banks and credit card companies will offer a free service for credit monitoring but you may have to ask for suspicious activity monitoring. This can be as simple as an alert for transactions or it can be as tight as blocking transactions that seem out of normal business activity. Beware that the tighter you set the rules the more you may have issue with vendors trying to get paid and getting blocked. There are also small to large sized business fraud detection software that can be used to help detect activity that looks and feels like fraud. Many provide a basic free trial so try a couple and see if they are a fit for your business.
Limit The Amount Of Money Employees Can Transact Each Day: Limiting the amount of money each worker or employee can have transactions with and handle each day. If an employee needs to handle more money than that in one day, special permission will be needed to do so. Ensuring that there are limits on how much money can be moved by a single person in a day limits the damage someone can do if they attempt to do fraudulent activities with your company's account. This may be tough depending on the type of business you run but this is a good area to keep an eye on. Fraud on the employee level happens all too frequently and having an audit done periodically will also help reduce employee financial fraud.
These are 3 of the most basic ways that a company can keep their accounts protected from fraudulent activity. If you suspect fraudulent activity, the sooner you are able to report the activity, the sooner it can be cleared up before it becomes a bigger issue.
What Signs Are A Clue That Fraudulent Activity Happening In Our Business Accounts?
There are always some telltale signs that your business accounts are being compromised. The following are alerting signs to look for that your accounts or business finances have been hacked and compromised:
- Missing Mail: If you were expecting a certain piece of mail and it hasn't arrived on its usual schedule, that may mean that it has fallen into the hands of someone who shouldn't have it. While this seems basic and mail is becoming a dying source of commerce, this same principle applies to email and electronic communications such as file sharing sites.
- Suspicious Transactions: Any transactions on your business accounts that you have not authorized or initiated are a sign that someone who is not supposed to have your information has gotten your financial information. Watch your accounts and watch them closely. These transaction can be small and reptitive which make them hard to detect. As stated above, there are software services available to help identify suspcious activity and many have a free trial that you can use to get used to the software. Always do your homework though, free is free and not always the best software for preventing financial fraud.
- Strange Calls: If your company is getting calls to send someone information or money for any reason, this is an indicator that information may have been passed. Report these types of calls to the appropriate source(FTC) so that they can be investigated. Moreover, if you are getting these suspicious calls, other people likely are, too. Turning in a notice on the calls you are getting can help not only stop annoying calls and protect your information, but it can do the same for others who may be in a similar situation.
- New Credit Cards Or Loans You Didn't Authorize: This is an obvious one, but if you are getting information on debit/credit cards you didn't authorize the company to have or loans that you never took out, this is a sign that someone is using the false financial information against your company. Report these issues immediately before the hacker can do substantial financial damage to your company. Call your financial institution immediately and freeze cards to prevent any other potential transactions.
If you notice any of these signs within your company, you are likely the suspect of a hacker or other fraudulent financial activity. Report these activities to the appropriate authorities right away to help protect your business and your financial assets. If you havent already done so, go to the credit reporting bureaus and lock your credit reports on your personal level. While you may have no ties to personal assets from your business, it is a good practice to have this done with all the data issues popping up today.
Beware of Phishing, Vishing, & Smishing...
What, what, and what you may ask?
These are other malicious activities you will need to be aware of when you are watching your business's accounts.
Phishing is when companies are trying to gain access to your financial information via the internet. The most common way they gain this access is through misleading emails. Fraudsters will create situations which seem like they need to be acted upon immediately to avoid what will seem like financial consequences to your business.
Smishing is phishing activity that is carried out via the sending of fraudulent text messages. Cell phones and other portable devices are inundated with what seems like important messages that elicit a response from the person whose device the smishing texts are sent.
Vishing is phishing carried out via phone calls requesting personal financial information for what seem like urgent requests that are really just made-up scenarios. When people give out their business's personal information the person on the other end can use that business to get their personal information.
These are all more "modern" forms of hacking and financial fraud as they involve modern technology like computers, smartphones, and telephone calls. The hacker will make it seem like you have to give them information to take care of something important that may compromise your financial information when they are going to compromise your information themselves.
For more information on fraudulent activities and how to protect your bussines' information while knowing what to look out for please feel free to contact us.