At the latest Mayor’s Breakfast, Jim English, Vice President of Treasury Management, from F.N.B. Corporation’s First National Bank, gave a presentation regarding fraud prevention. Mayor Bob Stefanik noted that ten to fifteen years ago fraud was not as prevalent as it is today, but with technology, fraud is much more commonplace.
English talked about check and electronic fraud on business account transactions. Some of his recommendations for avoiding fraud also work for personal accounts as well. Fraud takes place through checks, mail, wire, credit cards and phones. He talked about social engineering, which is a manipulation of people into breaking normal security procedures and best practices to gain access to networks or physical locations for financial gain. An example is how, in the past, a person or business was given a check and they either physically deposited the check, or they placed it into a locked box. Now, said English, you can snap a picture of the check to deposit, or scan it. The check is then viewed just like a random piece of paper that is often left around. On the check is the account number, which is key piece of information.
He also talked about a situation where a company’s financial manager received an email from one of the company’s suppliers, stating that the funds should be directed to a new account. He said that to the manager, the email looked legitimate, even containing that company’s logo. He made the change and later came to find that it was a fraudulent email and the money that was sent to the new account was gone. There was never a verification done.
Just a few weeks ago. St. Ambrose Parish in Brunswick also suffered the same type of scam. In a letter to his parishioners, Father Bob Stec explained what happened. “ Our Vision 2020 Team has been working hand in hand with Marous Brothers Construction to renew our Church. By all accounts, the project has been going extremely well – both on time and on budget. On Wednesday, Marous Brothers called inquiring as to why we had not paid our monthly payment on the project for the past two months totaling approximately $1,750,000. This was shocking news to us, as we have been very prompt on our payments every month and have received all the appropriate confirmations from the bank that the wire transfers of money to Marous were executed/confirmed. I contacted the Brunswick Police, our bank, Marous Brothers, and the Diocese immediately, and the FBI was also brought in.
Upon a deeper investigation by the FBI, we found that our email system was hacked and the perpetrators were able to deceive us into believing Marous Brothers had changed their bank and wiring instructions. The result is that our payments were sent to a fraudulent bank account and the money was then swept out by the perpetrators before anyone knew what had happened.”
The FBI investigation continues. It has been determined the breach was limited to only two email accounts.
English recommends some of the following ways to prevent fraud:
-Use a positive pay service for checks or ACH batch transactions.
-Use dual controlled, not dual signatures, requiring two people in order to complete a single wire transfer or ACH batch transaction.
-Have a separation of duties within the financial department.
-Use more electronic payments. The more use of electronic payment, the less exposure of account numbers.
-Do not rely on email communications.
– Use a business credit card. English said “I don’t know of a better tool than using a business credit card. There is not other payment mechanism that has as much benefit.” He said that credit cards often have fraud prevention benefits built in to them.
English pointed out that all of these things are responsibilities of individuals. He suggested talking to your bank about services provided.
Contributing Writer