3. Small Business Compromise
In business email compromise (BEC), scammers pose as company executives and send fraudulent emails to certain employees to trick them into making wire transfers to bank accounts controlled by the scammer.
BEC is a highly sophisticated form of business fraud because the perpetrators may gain control of the executive's email through malware and spend weeks or months studying the company's vendors, billing systems, travel schedules, and styles of communication to ensure the request appears real.
Steps To Take To Prevent Or Reduce Business-Related Fraud
The first step in protecting your business is being aware of the types of fraud that can happen. Then you can also take steps to prevent business fraud or detect it early. This will help limit any potential loss.
- Know your employees. Check references and perform background checks on potential new hires — especially those with access to cash or financial records. Pay attention to potential fraud risk factors, such as substance abuse problems, financial troubles, or living well beyond their apparent means.
- Supervise employees adequately. Nobody wants to be a micromanager, but it's important to supervise employees. Check to ensure they're accurately reporting hours and performing duties properly.
- Segregate duties. Having only one person in charge of handling the company's finances makes it easy for fraud to go unnoticed. Whenever possible, have at least two employees handling accounting and bookkeeping tasks. If you need suggestions, GrowthForce has a helpful guide on how to separate duties.6
- Restrict access to financial records. Restrict access to your accounting software and other systems to just the people who need it to perform their jobs. Each person in the system should have their own ID and password, and passwords should be changed regularly.
- Track business checks. Always use pre-numbered checks and print check amounts and payees in permanent ink to prevent alteration. Lock up blank checks in a secure desk drawer or cabinet.
- Monitor merchandise and inventory. Perform physical inventories annually and consider installing security systems to monitor inventory.
For external fraud threats:
- Use an Address Verification Service (AVS) for online transactions. This allows you to confirm the cardholder's billing address7 matches the address on file with the credit card issuer. Consider contacting buyers to make sure the order is legitimate.
- Educate employees who have access to company finances on the risks of business email compromise. You may want to create a policy for any wire transfer requests that company executives send by email. These should be verified by phone.8
- Require employees to call customers or vendors to verify any email requests for wire payments that exceed a certain dollar amount. This prevents employees from accidentally sending money to scammers who've compromised the email accounts of other companies you do business with.
Any business can be a target for fraud. And fraud can impact a business in many ways — not just financially. Once you know how and where your company may be vulnerable, take steps to protect your business from future damage.