
Business Fraud Mitigation

Fraud is evolving. Payments scams, ransomware and social engineering are becoming increasingly targeted and sophisticated in both commercial and small business environments. This page brings together common fraud schemes, what they might look like in your business, and practical controls that can help reduce your risk. You’ll also find guidance and resources to help your team respond quickly if an incident does occur.

You don’t have to navigate it alone. Your Commerce team is here to help.

Common fraud schemes businesses face today.

  • Business email compromise occurs when a fraudster impersonates internal executives or gains access to email accounts to request unauthorized payments or sensitive information.

What this can look like in your business

  • Urgent requests for same-day wire transfers
  • Vendor emails with “updated” ACH instructions
  • Last-minute payment redirections

Controls to consider

  • Require dual approval for outgoing payments
  • Use verbal callback verification for payment changes
  • Train employees to independently verify urgent requests

  • ACH fraud occurs when unauthorized electronic transfers are initiated from your account, often after login credentials are compromised or vendor information is altered.

What this can look like in your business

  • Unexpected ACH debits
  • New payees added without proper approval
  • Payment amounts that differ from established patterns

Controls to consider

  • Use ACH blocks and filters
  • Set transaction alerts
  • Reconcile accounts daily

  • Wire fraud involves fraudulent instructions directing funds to unauthorized accounts.

What this can look like in your business

  • Requests to wire funds to new accounts, including international
  • Pressure to bypass standard approval steps
  • Changes to wiring instructions shortly before closing

Controls to consider

  • Require dual approval for all wires
  • Verify wiring instructions verbally using known contact information
  • Establish clear cutoff procedures

  • Account takeover occurs when a fraudster gains unauthorized access to online banking, treasury management or email accounts, often through stolen credentials, phishing or malware.

What this can look like in your business

  • Login attempts from unfamiliar devices or locations
  • Changes to user permissions or contact details
  • Payments initiated outside normal activity

Controls to consider

  • Require multifactor authentication for all users
  • Limit user permissions based on job role
  • Review login and transaction activity regularly

  • Vendor impersonation fraud occurs when someone posing as a vendor or supplier requests changes to payments instructions.

What this can look like in your business

  • Emails requesting updated ACH or wire details
  • Slightly altered email domains
  • Urgent requests tied to pending invoices

Controls to consider

  • Require independent callback verification
  • Confirm changes using previously established contact information
  • Document and track all payments instruction changes

  • Check fraud includes altered, forged or counterfeit checks drawn against your account.

What this can look like in your business

  • Checks cleared with altered amounts
  • Duplicate check numbers
  • Missing checks from mailed payments

Controls to consider

  • Use Positive Pay
  • Secure check stock and limit access
  • Review paid check images regularly

  • Gift card fraud often appears in social engineering schemes where fraudsters ask employees to purchase gift cards on behalf of executives or clients and then send the codes electronically.

What this can look like in your business

  • An urgent email requesting gift card purchases
  • Instructions to send codes by text or email
  • Requests framed as confidential or time-sensitive

Controls to consider

  • Prohibit gift card purchases based on an email request
  • Require verbal verification from leadership
  • Train employees to recognize this common tactic

  • Payroll fraud involves redirecting employee pay through unauthorized direct deposit changes or falsified employee records.

What this can look like in your business

  • Requests to update direct deposit information made through email
  • Multiple employees listed with the same bank account
  • Reports of missing or incorrect pay

Controls to consider

  • Require secure portals for payroll changes
  • Implement dual review of direct deposit updates
  • Monitor payroll change reports regularly

  • Credit card fraud affects businesses that accept card payments or use corporate cards. It can involve stolen card data, counterfeit cards or unauthorized internal use.

What this can look like in your business

  • Chargebacks for transactions believed to be valid
  • Unusual corporate card spending patterns
  • Customers reporting unauthorized charges

Controls to consider

  • Maintain PCI compliance
  • Monitor transactions for anomalies
  • Set internal spending limits and review statements promptly

  • Social engineering relies on psychological manipulation rather than system breaches. Fraudsters exploit trust, urgency or authority to pressure employees into fast action.

What this can look like in your business

  • A caller posing as the IT department and asking for login credentials
  • A “bank representative” requesting account information
  • Text messages linking to fake payment portals

Controls to consider

  • Provide ongoing employee fraud awareness training
  • Establish clear escalation procedures
  • Encourage employees to pause and verify requests

  • Ransomware is malicious software that encrypts business systems and demands payment for restoration. It often begins with phishing emails or compromised login credentials.

What this can look like in your business

  • Employees locked out of systems
  • A ransom message requesting cryptocurrency
  • Sudden disruption to operations

Controls to consider

  • Maintain regular, offline data backups and keep systems updated with security patches
  • Use multifactor authentication
  • Provide phishing awareness training

  • Domain spoofing uses look-alike web addresses, often altered by only one letter or character, to impersonate legitimate businesses.

What this can look like in your business

  • Emails from domains that closely resemble a known vendor
  • Slight misspellings in web addresses
  • Fake payment portals mimicking real sites

Controls to consider

  • Train employees to carefully review full email addresses
  • Use email filtering and domain monitoring tools
  • Verify payments requests through established channels

Ways to strengthen your internal controls


  • Protect your credentials: Commerce Bank will never ask for your password or the answers to your security questions, and will never ask you to perform multifactor authentication for your account on its behalf
  • Require dual approvals for outgoing payments
  • Separate payments initiation and approval responsibilities
  • Verify vendor changes using callback verification
  • Maintain documented vendor onboarding procedures
  • Be cautious with caller ID, as phone numbers can be spoofed

What to do if you suspect fraud


Learn more

Fraud mitigation is not one-size-fits-all. Regularly reviewing your processes and identifying potential exposure points can help you implement controls that help strengthen your overall risk management strategy.
