Safeguarding Your Dealership from Fraud

Similar documents
security FRAUD PREVENTION Business Checklist Safeguard your money, your credit and your good name.

Identity Theft, Fraud & You. PrePare. Protect. Prevent.

Best Practices Guide to Electronic Banking

The BUSINESS of Fraud. Don t let it put you out of business. AFFILIATE LOGO

Retail/Consumer Client Internet Banking Awareness and Education Program

WHAT IS CORPORATE ACCOUNT TAKEOVER? HOW DOES IT HAPPEN?

9/11/ FALL CONFERENCE & TRAINING SEMINAR 2014 FALL CONFERENCE & TRAINING SEMINAR

Quick recap on ing Security Recap on where to find things on Belvidere website & a look at the Belvidere Facebook page

CLICK TO EDIT MASTER TITLE STYLE Fraud Overview and Mitigation Strategies

South Central Power Stop Scams

ELECTRONIC BANKING & ONLINE AUTHENTICATION

Employee Security Awareness Training

Online Security and Safety Protect Your Computer - and Yourself!

Web Cash Fraud Prevention Best Practices

CYBER SECURITY RESOURCE GUIDE. Cyber Fraud Overview. Best Practices and Resources. Quick Reference Guide for Employees. Cyber Security Checklist

Target Breach Overview

Newcomer Finances Toolkit. Fraud. Worksheets

University of North Texas System Administration Identity Theft Prevention Program

Cyber Insurance: What is your bank doing to manage risk? presented by

IMPORTANT SECURITY INFORMATION PHISHING

Business/Commercial Client Internet Banking Awareness and Education Program

FAQ. Usually appear to be sent from official address

huntington Business security suite user guide

The Cost of Phishing. Understanding the True Cost Dynamics Behind Phishing Attacks A CYVEILLANCE WHITE PAPER MAY 2015

Frauds & Scams. Why is the Internet so attractive to scam artists? 2006 Internet Fraud Trends. Fake Checks. Nigerian Scam

Online Fraud and Identity Theft Guide. A Guide to Protecting Your Identity and Accounts

Personal Cybersecurity

Your security on click Jobs

Safety and Security. April 2015

Taking control of your finances... 5 Use these tips to manage your finances

Business Online Banking & Bill Pay Guide to Getting Started

Preventing fraud in public sector entities

COMMON WAYS IDENTITY THEFT CAN HAPPEN:

Fraud Risks Facing Credit Unions. ALLIED SOLUTIONS LLC SERVICE CENTER 210 East Main Street, Suite 200, Niles, MI Fax:

FACTS WHAT DOES FARMERS STATE BANK DO WITH YOUR PERSONAL INFORMATION? WHY? WHAT? HOW? L QUESTIONS?

Credit Card Frauds Sept.08, 2016

You are signing up to use the Middlesex Savings Bank Person to Person Service powered by Acculynk that allows you to send funds to another person.

Red Flags/Identity Theft Prevention Policy: Purpose

Fraud Update: Why Fraudsters Love Wires and How to Stop Them. Luis Rojas, Director, Product Management WesPay 2014

Seattle University Identity Theft Prevention Program. Purpose. Definitions

Virtual Product Fair. Protect your agency data protect your business

How to Keep Your Personal Information Secure

CAREERBUILDER.COM - PRIVACY POLICY

Security Awareness & Best Practices Best Practices for Maintaining Data Security in Your Business Environment

NOT-FOR- PROFIT SERVICES GROUP Client Information Bulletin

It pays to stop and think

JAPAN CYBER-SAVVINESS REPORT 2016 CYBERSECURITY: USER KNOWLEDGE, BEHAVIOUR AND ATTITUDES IN JAPAN

Cyber security tips and self-assessment for business

CERTIFIED MAIL LABELS TERMS OF USE and PRIVACY POLICY Agreement

Client Resources. participant guide

Prevention of Identity Theft in Student Financial Transactions AP 5800

Business ebanking User Guide May 2015

Capital Bank Express User Guide. The Tech Behind the Money

Train employees to avoid inadvertent cyber security breaches

Identity Theft Prevention Program. Effective beginning August 1, 2009

Protecting Your Business From Hackers

How to recognize phishing s

FRAUDULENT TRAVEL SCAMS

Identity Theft and Online Security

Regulator s Perspective of Best Practices in Combatting Cybercrime Executive Fraud Forum October 30, 2013

10 KEY WAYS THE FINANCIAL SERVICES INDUSTRY CAN COMBAT CYBER THREATS

ASSESSMENT LAYERED SECURITY

Treasury Services Group Number Treasury Management Officer

First Republic Bank Corporate Online User Guide

A CFO s Guide to Cyber Security in the Coming Year

Wire Fraud Scams: How to Protect

The 2017 State of Endpoint Security Risk

GLBA. The Gramm-Leach-Bliley Act

COMPLETING THE PAYMENT SECURITY PUZZLE

Identity Theft Victim s Complaint and Affidavit

1. General provisions

Cyber Security Guide for NHSmail

Personal Online Banking & Bill Pay. Guide to Getting Started

QNB Bank-ONLINE AGREEMENT

Guide to credit card security

KSI/KAI Cyber Security Policy / Procedures For Registered Reps

A practical guide to IT security

Panda Security 2010 Page 1

Bring Your Own Device

BRING YOUR OWN DEVICE: POLICY CONSIDERATIONS

Detect, Denounce, Deter

Privacy Policy. I. How your information is used. Registration and account information. March 3,

[Utility Name] Identity Theft Prevention Program

Security Awareness. Chapter 2 Personal Security

Common Scams and Fraud. Charlottesville/Albemarle County TRIAD Group

Why you MUST protect your customer data

PCI Compliance. What is it? Who uses it? Why is it important?

IDENTITY THEFT PREVENTION Policy Statement

ANNUAL SECURITY AWARENESS TRAINING 2012

Cyber Security. February 13, 2018 (webinar) February 15, 2018 (in-person)

An Overview of the Gramm-Leach-Bliley (GLB) Act and the Safeguards Rule

Phishing: When is the Enemy

Page 1 of 6 Bank card and cheque fraud

Identity Theft Prevention Policy

Easthampton Savings Bank Online Business Banking User Guide

UTAH VALLEY UNIVERSITY Policies and Procedures

Regulation P & GLBA Training

TIPS TO AVOID PHISHING SCAMS

Sc r a n t o n Wi lk e s-ba r r e

DIRECTIVE ON INFORMATION TECHNOLOGY SECURITY FOR BANK PERSONNEL. June 14, 2018

Transcription:

Safeguarding Your Dealership from Fraud Fraud continues to be a problem at dealerships and the risks are only getting greater. Today s fraud schemes are more elaborate than ever and often employ an astonishingly high level of technical sophistication. However, while no amount of planning and oversight will ever completely eliminate fraud, you can take important steps to protect your dealership. Key takeaways The numbers are in: Fraud attempts are on the rise According to the 2017 AFP Payments Fraud and Control Survey, 74% of organizations report that they were victims of payment fraud attempts in 2016. This is the largest share on record, and significantly higher than the percentages reported between 2011 and 2014. The message is clear: Fraudsters are continuing their relentless attack on businesses like your dealership. Percentage of organizations that experienced attempted and/or actual payment fraud, 2006-2016 Payment fraud is on the rise in the U.S. as thieves continue to attack businesses. Fraud attempts arise from both external and internal sources, with fraudsters using increasingly sophisticated physical and electronic tools. 80% 70% 60% 50% 40% 30% 20% 10% Dealerships can safeguard their businesses from fraud by employing the right blend of process and technology. 0% 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 Source: 2017 AFP Payments Fraud and Control Survey 1 of 5

Of those companies that experienced attempted or actual payment fraud, the survey found that: 75% of organizations reported check fraud in 2016, an increase from 71% in 2015 and a reversal of the declining trend in check fraud since 2010. Wire transfers were the second most-often payment method used in attacks by fraudsters, with 46% of organizations reporting this method, a dramatic increase from only 5% in 2009. Fraud via corporate/commercial credit cards accounted for the third largest share of fraud, with 32% of organizations having been affected, followed closely by ACH debits (30%) and ACH credits (11%). 74% reported that their organizations were exposed to business email compromise, up 10% from the prior year. Percentage of organizations attacked by fraudsters by method: 11% ACH credits 30% ACH debits 32% Corporate/ commercial credit cards 75% Checks 46% Wire transfers The fact that overall payments fraud is currently at its highest level is troubling. All organizations can certainly be targets of fraud, and it is important for them to take the necessary steps to make it as difficult as possible for criminals to succeed in their attacks. 2017 AFP Payments Fraud and Control Survey Sources of payment fraud Today s fraudsters: Often belong to an organized group Stalk their victims and know how to attack their weak points Have access to very sophisticated physical and electronic tools Fraud can originate from both external and internal sources. External fraud against a company covers a broad range of schemes, including billing for goods and services not provided, bad check writing, and falsified account information for payment and security breaches. Internal fraud also known as occupational fraud continues to be a major concern for businesses. The Report to the Nations on Occupational Fraud and Abuse a 2016 Global Fraud Study by the Association of Certified Fraud Examiners reported that: A little more than three-fourths of occupational fraud cases came from seven key departments: accounting, operations, sales, executive/upper management, customer service, purchasing, and finance. Nearly half of the cases in the study involved multiple perpetrators colluding with one another to commit fraud. The greater the number of fraudsters involved, the higher the losses tended to be. The vast majority of internal fraudsters (95%) have no history of fraud convictions, although almost 40% had been involved in some form of non-fraud workplace violation. The median duration of the frauds in the study was 18 months, and losses rose as the duration increased. 2 of 5

In addition to the losses incurred by fraud, there are hidden costs that include: Insurance claims Police reports Internal investigations and audits Affidavits Negative impact on public image Combating dealership fraud examples While you can t eliminate fraud threats, there are tools you can use to safeguard your dealership. Consider these examples of checking fraud attempts: A dealer writes a check to an individual for a refund of a portion of estimated fees for an auto purchase. The customer takes a photo of the check and tries to cash it multiple times in various locations. A fraudster washes a dealership check by chemically erasing the printed details of a check and rewriting the check to himself/herself. A bank service called Positive Pay can help dealerships avoid these and other fraudulent check-writing schemes, said Brian Bateman, senior vice president of KeyBank Dealer Finances. With Positive Pay, as you issue checks, you provide the bank with the check number, issue date, and dollar amount of your checks. When your checks are presented to the bank for payment, each check is electronically compared to your issue information. The dealership is notified any time an item doesn t match, and you then have the ability to view an item and make a payment decision. Dealers can protect themselves from check fraud the largest single area of fraud attempts by moving checks to automated services. For example, some dealers still issue checks for payroll, said Bateman. By shifting payroll to ACH and direct deposit of employee checks, they can avoid this form of check fraud. Unauthorized debits to an ACH account can also be a source of fraud. A thief, posing as the owner of your account, provides information to a creditor and requests that funds be withdrawn to pay a debt. This creditor s bank submits an electronic transaction requesting that the account be debited. All of this can happen without your knowledge or consent. You can protect your dealership from this form of electronic fraud by using an electronic payment authorization (EPA) service to block, filter or identify any unauthorized transactions attempting to post to your account, Bateman said. Fraud attempts via email are rising, and wire transfers are the main target for business email scams. For example, a thief may submit an email instruction to a dealership s finance staff to wire funds to a certain account. The email may look very much like the email of an authorized dealership employee, but with one minor tweak the addition of a letter tucked away in the address, for instance. If your staff is not vigilant, funds may be wired to a fraudster s account. A dealership s personnel needs to be trained in how to spot suspicious email requests and to be wary of unusual demands. Social engineering is the practice of obtaining sensitive information by tricking people into breaking established security procedures. Phishing is a type of social engineering in which a fraudster falsely claiming to be a legitimate entity tries to scam someone into surrendering passwords, financial or personal information, or by infecting the target s computers with malware. Scams involving the IRS are one of the most prominent forms of phishing. Claiming to be the IRS, scammers may use email and text messaging to set up their victims. The government doesn t initiate contact with taxpayers via email, texting, or other social media to request personal information or financial information, nor does it use these channels to threaten taxpayers with lawsuits, fines, and imprisonment. 3 of 5

Dealers can take several steps to train staff and protect themselves from social engineering fraud, which include the following warnings: Be suspicious of any unsolicited emails, phone calls, or text messages with an urgent request for personal or financial information, from both known and unknown senders. Never provide system credentials or any other personal information on an unsolicited inbound call. Always verify the identity of an unsolicited caller by insisting on calling him/her back at a trusted phone number listed for that company. Never click on an embedded link or attachment, or fill out forms asking for personal information in an unsolicited email or text message. Ensure that your operating system, security software, and mobile apps updates are current. Schedule anti-virus software to automatically run on a regular basis. Report any unsolicited attempts that appear to be scams. EMV chip technology enables cards to incorporate security features to help build a sophisticated defense against fraud. While most dealers have moved to smart-card terminals, those dealers who are still using a magnetic stripe terminal and swiping cards are taking unnecessary risks. That s because all liability for fraud losses falls on them and not the card issuer. The solution: Convert to smartcard payment technology. Protecting your digital identity is critical, but don t overlook the security of your physical documents. Dumpsters divers are still out there, and they re going through your garbage to find sensitive information. Establishing a protocol for paper shredding is one of the simplest and most effective ways to protect your dealership and customers. Steps to take to protect your dealership Effective fraud protection is the right blend of process and technology, including the following. Be aware and be safe Monitor your dealership s accounts daily and closely. Be suspicious of any unsolicited emails, phone calls, or text messages from either known or unknown senders with an urgent request for personal or company financial information. Never log in to your dealership s online banking account via a link or Internet address provided in an email or text message. Never use favorites to access a website where you plan to disclose private information type the URL into your browser s address bar. Only enter financial or account information on sites that have the lock icon displayed in the browser and https preceding the URL. Be vigilant with emails Do not open unsolicited, suspicious emails or emails from unknown senders delete them. If you do inadvertently open one, never click on links or open attachments. If you receive a message from a known sender, do not open an attachment before checking with them through a known phone number/email address. Emails appearing to come from a trusted source could be fraudulent and contain a virus, Trojan horse, worm, or other malware. 4 of 5

Be vigilant with emails Do not share your email address except with trusted sources. Never provide personal information requested via pop-up windows or email. Never initiate ACH (automated clearing house) or wire transfer transactions or change accounts based solely on email requests always confirm the action via a trusted phone number or in person. Encrypt your emails. Review computer security Use strong passwords and change them often. Ensure that antivirus programs are updated daily. Maintain and review your dealership s computer operating systems and web browsers, and install the recommended security updates as they become available. Limit administrative rights. Ensure employees at your dealership lock their computers when away from their desks. Consider using a dedicated computer for all banking transactions. Communicate with and educate dealership employees Routinely discuss how to identify fraud. Develop/evaluate internal fraud policies and controls. Prepare a contingency plan for dealership operations with your banker in the event of a payment system disruption. Read Consumer Affairs reports, as these often post alerts about new scams. Provide ways for employees to report suspected fraud. Set up fraud controls Work with IT/Security to develop a plan for responding to fraud. Limit the use of your dealership s ACH system to dealership employees who need to use the system. Use dual controls and ensure separation of duties. Verify employee access rights and credentials regularly. Establish and maintain document shredding/destruction protocols. How KeyBank can help KeyBank s specialists can work with your dealership to maintain an effective fraud prevention program. For more information, contact your KeyBank Dealer Services Relationship Manager. 5 of 5 As a service to our clients, KeyBank is providing this brief overview to raise client awareness. KeyBank does not make any warranties regarding the results obtained from the use of this information. The information and recommendations contained herein is compiled from sources deemed reliable but is not represented to be accurate or complete. In providing this information, neither KeyBank nor its affiliates are acting as your agent, broker, advisor, or fiduciary, or is offering any tax, accounting, or legal advice regarding these instruments or transactions. All credit, loan, and leasing products subject to credit approval. 2017 KeyCorp. KeyBank is Member FDIC. 170828-281895

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback