June 1, 2024—The 2024 AFP Payments Fraud and Control Survey Report published by the Association for Financial Professionals in April 2024 reported an uptick in incidents of payments fraud in 2023. Checks and ACH are the payment methods most vulnerable to fraud according to the report, while the incidents of payments fraud via wire transfer have been on the decline since 2017. Today’s cybercriminals use both technologically sophisticated and low-cost, basic methods to exploit the vulnerabilities of consumers, businesses, and the financial institutions that serve them. While it may seem impossible to keep up with and then combat this wide a variety of attacks—everything from intercepted mailed checks to business email compromise, from deep fakes to synthetic identity fraud—there are red flags common to almost all kinds of financial scams that should on anyone’s radar, and best practices to consider for all fraud methods. And, there is hope; the decline in wire fraud is attributed to the industry’s awareness and interception of business email compromise scams related to wire transfer.
Red flags of payments fraud include:
- Discrepancies in member information
- Multiple accounts with variations of spelling of the account holder’s name
- Contact information shared by multiple account holders with different name
- Inconsistent or incorrect personal data such as an invalid social security number
- Transactions that differ from member’s regular account activity or volume
- Point-of-sale transactions at a different time of day or location than is common for the member
- Payments or funds received that don’t match a member’s lifestyle, income, or expected behavior
- High volumes of payments or transactions over their balance or credit limit
- Irregular or seemingly illegitimate public benefits payment
- Repetitive purchase returns, disputes, and/or chargeback that exceed reasonable activity for the member
- Evidence of coercion, abuse, or even potential money laundering, as exhibited by urgency, secrecy, repetitive payments or large sums to one person, or the presence of that person while the payments are being made
- Evidence of business email compromise, including unusual behavior on the most susceptible payments channels or use cases (i.e. ACH originations related to Accounts Payable) or at larger companies with decentralized operations and procedures
Corpay, our parent company EasCorp’s trusted partner for secure, streamlined, and cost-effective international payments solutions recommends the following best practices to detect and mitigate fraud on international wires and iACH:
- Verify the details of all money or wire transfer orders before submitting the payment for processing. Pay special attention to new transactions or those that do not match prior payments activity and confirm the details of those items verbally by phone.
- Look closely at the email addresses used for the transaction as fraudsters will make an almost indiscernible change to the email address to impersonate the user and intercept payment-related communications.
- Confirm that you have the name and contact information for the correct individual, one authorized to place the payment order.
- Follow all your internal procedures and policies every time you process a payment order.
As the AFP report notes, fraud mitigation strategies, when used consistently, do work. Effective fraud prevention begins with awareness and education but is successful only with ongoing training and vigilant adherence to policies and procedures.