A hacking attack into payment procedures is a nightmare scenario for any business. By taking over accounts, a cyber criminal can order virtual transfers and literally erase cash from a company's accounts. Criminals are savvy enough to create email addresses and other correspondence mirroring legitimate communications that can convince employees to divulge passwords and other information that can lead to fraudulent transactions.
So prevalent is the scourge of "phishing" that the government is working to track the threat. The FBI reported in 2015-with figures from January to August of that year-that there had been a 270 percent increase in identified victims and loss because of business email compromise (BEC) scams.
Whether the attacks come in the form of malicious emails or other means, there are a number of steps companies can take in order to ensure that they are aware of these threats:
Conversations around these steps and other security matters should begin when a company engages with a bank, and continue throughout the relationship, says Laura Mason, Director,
CIT Treasury Management. "It's always part of the initial conversation. When we first meet with clients, we ask them, 'What are you doing about fraud prevention? Have you experienced any fraud?' We ask them to take us through their internal controls," Mason says.
The pace of cyber threats is showing no signs of easing. As of April 2016, there had already been more than 225 breaches for the year as reported by the Identity Theft Resource Center. That amounted to more than 6.2 million exposed records, according to the group, which combs through
Attorneys General offices and other sources to compile the list.
While fraud protection may require additional investment in some cases, Greg Wintroath, Managing Director of CIT Treasury Management, says the climate of cyber threats is a powerful motivator. Whereas attitudes about the potential for cyber crime were more skeptical in the past, the possibility of taking a financial hit is driving many companies to assess their capabilities. Banks need to do their part to ensure that payments get processed with minimal disruption and the highest security standards regardless of the size of the client and how they use the account, Wintroath says.
"A bank should be able to provide a high level of fraud prevention regardless the size of a company of the frequency of its transactions. Whether your business has a hundred accounts, 25 accounts, three accounts, or one account, there is a level of fraud prevention that can be and should be established for every one of those accounts," Wintroath says.
The full article,
"Securing the Business of Payments: Stepping up Protection against Cyber Threats," is available on the
Knowledge Center on CIT.com.
If you enjoyed this blog post, please consider sharing it with your social media networks and invite them to register for our