Small Businesses Face Fraud Attempts Every Day: Here's How to Stay Safe
When you’re faced with the reality of wearing more than ten hats a day, things can often slip through the cracks. While advertising, purchasing, or customer relations aren’t ideal to drop, your employee’s paycheck and personal information are two things you never want to get lost in the chaos. Unfortunately, it’s easy for many owner-operators to find themselves in compromising situations when using third party software for payroll and employee benefits.
We’d like to share some key strategies to help you safeguard your business and the amazing people you’ve built your team around. With these steps in mind, along with the awareness of potential fraud, you’ll discover how to protect your livelihood and those who rely on you.
Key Issue: False Changes of Information
One of the biggest vulnerabilities small businesses face is within their data systems and email accounts. Often, online fraudsters will request a change of a deposit account via email, posing as one of your employees. Instead of inputting the change as requested, confirm with your employee using the contact information you have on file before updating the records. This will help prevent you from giving an employee’s paycheck to a fraudulent person even if it appears legitimate through email.
“The crux of the fraud seems to always be related to lack of controls around the process, specifically in verifying who is actually making the request.” Said Adrian Johnson, LSB Director of Asset Liability Management. “The requests that lead to fraud almost entirely come via email or phone calls and the business or payroll doesn’t have a process to affirmatively confirm.”
Key Solution: Verifying Requests
“Back when I managed a small restaurant, we would have employees request payroll changes in person and in writing before sending them on to our third-party CPA to execute the updates,” shared Katie Hansen, LSB Digital Marketing Coordinator.
While this strategy works for small businesses, corporations with 50 or more employees typically work through an HR system. By using a two-step verification within this system’s process, you can prevent potential fraudsters from succeeding through false account update requests. Additionally, companies with IT departments can require administrators to monitor the HR system for spikes in activities such as a large number of accounts having contact and banking info changed over a short time period.
Matt Jenkins, LSB Treasury Management Sales Manager, added, “Employee education has proven to be one of the best ways to keep employees on point with potential fraud scenarios.”
By educating employees company-wide on concepts such as phishing schemes, basic cybersecurity hygiene, social engineering schemes, unsafe online behavior, and data security, small business owners can ensure they’re giving their staff the tools they need to combat potential fraudsters and reduce the company’s vulnerability to cyber-attacks.
If you’re looking to partner with a financial institution that cares about your business as much as you do, reach out to one of our treasury management
professionals. It is our passion to help our local business owners succeed.
Lincoln Savings Bank. Member FDIC.