Unforeseen side effect of COVID-19: A rise in business fraud
Working remotely became the new normal nearly overnight as a result of the COVID-19 pandemic. Because it was unexpected, most companies were not fully equipped for the transition and its challenges.
The change has had a few positive effects for many employees – less commuting, less traffic, more time with family, more money saved, etc. – but companies have faced new challenges, especially if they were not previously equipped for remote work.
One such challenge is the rise of Business Email Compromise, or BEC, scams aimed at remote workers. BEC scams have many purposes. Fraudsters will use emails and other electronic messaging methods to attempt to:
- Collect bank account numbers
- Collect employee passwords to access company files
- Collect personally identifiable information (PII) on clients or employees
- Trick employees into sending gift cards or other monetary items
- Steal money outright
BEC scams were already common, with 61% of finance professionals citing it as the source of attempted fraud.1 But the pandemic has fueled them further. While finance and treasury employees have been trained to avoid scams, employees in other departments, or even your suppliers, may not be as vigilant. And BEC scams have been able to flourish now that email is the primary communication channel for companies.
A common BEC scam, for example, involves a fraudster (posing as a CEO or CFO) sending an email to an unsuspecting employee with an urgent request. The email often asks for private information or monetary items like gift cards, and includes instructions not to call the executive because he or she is in an important meeting. The employee will then respond to the email with the requested information, believing they are doing the executive a favor, when they are actually putting the company at risk.
Ransomware is growing.
Email scams come in all forms. Microsoft reported that they blocked over 13 billion “malicious and suspicious” emails last year alone. In the first half of 2020 – when uncertainty over the pandemic was highest – cyberattacks rose another 35 percent.2 Companies now have more security threats than ever. It is every employee’s responsibility to be vigilant.
Supplier-based BEC scams are on the rise.
A newer BEC scam is aimed at your suppliers, in which fraudsters pose as an employee of your company. Under this pretense, they will send an email to your supplier and request a payment to be wired to a new account number. Or perhaps the email may say that a payment is ready for the vendor to authorize, only to be a phishing link.
All it takes is a logo and accurate signature line to create a convincing fraudulent email. Employees should be trained on all the methods of verifying legitimacy before clicking on or responding to emails, but with the sudden onset of remote work, most companies did not have time or resources to hold advanced fraud training.
So how can you mitigate the latest uptick in fraud?
Put a focus on your business relationships.
If your supplier receives a scam email from someone posing as you or an employee of your company, they could put their company at risk. And if they get compromised, you can get compromised. Constant communication with your suppliers and partners is key.
Be sure you’re both communicating about any payment requests that seem unfamiliar and ensure your suppliers are up-to-speed about any changes in your payment notification process. By encouraging them to be more vigilant, you are protecting your company too. Plus, there are other benefits to focusing on your supplier relationships, such as early payment discounts.
Find solutions and services that can help.
Luckily there are plenty of ready-made solutions and services that can help protect your company’s financials and data. These tools will help ensure that payments are only going to the correct, approved recipients:
Payment solutions like these are becoming more critical as payment fraud continues to rise. 81 percent of business owners reported experiencing payments fraud in 2019!2 Get peace of mind by choosing a financial partner, like Commerce Bank, that offers fraud protection and will keep you updated on the latest fraud trends.
Deichler, Andrew. (2020). Combating Fraud in a Remote Environment. Association for Financial Professionals Payments Guide.
- Pymnts.com. Cyberattackers Turn to Payments Fraud, Ransomware as Fech Firms Fight Back. Retrieved Oct. 8, 2020. https://www.pymnts.com/news/b2b-payments/2020/cyberattackers-payments-fraud-ransomware-tech-firms-fight-back