3 Ways to Protect Your Business from Fraud
1. Get a comprehensive Fraud Risk Management Policy
Regardless of the size of your business, a comprehensive fraud risk management plan should be in the DNA of your business. According to a 2019 Accenture Report, the average cost of a cyber-crime per organization is $2.4 million. By thorough analysis, your risk management partner will help you consider the cost of business interruption in the event of fraud, identify exposure areas and develop a plan to mitigate those risks, and provide the insurance you need to protect your assets. Let us know if you'd like our team to provide a consultation.
2. Look for skimming devices when using company cards
Before you or your employees use company cards at gas stations or ATMs, take a few seconds to look for evidence of skimming devices. Many cards come with protection against fraudulent use including our Mastercard® debit cards.
- Inspect the ATM, gas pump, or credit card reader before using it. Be suspicious if you see anything loose, crooked, or damaged, or if you notice scratches or adhesive/tape residue.
- When entering your PIN, block the keypad with your other hand to prevent possible hidden cameras from recording your number.
- If possible, use an ATM at an inside location (less access for criminals to install skimmers).
- If your card isn’t returned after the transaction or after hitting “cancel,” immediately contact the financial institution that issued the card.
3. Alert and educate your employees about payroll diversion, an increasing cyber criminal threat
Cyber criminals are targeting employees through phishing emails designed to capture an employee's log in credentials. The credentials are then used to access the employee's payroll account to change their bank information. Tips to help combat these attempts include:
- Instruct employees to hover their cursor over hyperlinks in emails they receive to view the actual URL. Ensure the URL is related to or associated with the company it purports to be from.
- Ensure that log-in credentials used for payroll purposes differ from those used for items like employee surveys.
- Monitor employee logins that occur outside normal business hours.
- Direct employees to forward suspicious requests for personal information to those in your company responsible for security.