Integrated circuit and virtual digital padlocks
Integrated circuit and virtual digital padlocks

It’s not if, but when: Real-world fraud attacks and how to prepare

The best defense is to be prepared. Learn from real-life scams.

Table of Contents

  1. The Devious Donor: Check Fraud
  2. Sneaky Senders: Account Infiltration
  3. Cunning Communications: Malware and Ransomware
  4. Mail Mischief: Check Theft

Fraud attacks are at an all-time high, exposing businesses to devastating financial losses. At First Financial Bank, we know that the best defense is to be prepared. Too many companies believe that fraud will “not happen to them,” when in fact we know: It is less a question of if your business will experience fraud, and more a question of when. Learn from the following real-life scams, which have been anonymized for privacy:

The Devious Donor: Check Fraud

A nonprofit was contacted via email by an alleged prospective donor. The “donor” explained that he and his wife had come to appreciate the benefits of the organization and would like to make a significant donation, and would they accept a check? The check arrived as discussed and the nonprofit deposited it as usual. That same day, the “donor” reached out to say the check had been mistakenly written for more than intended, and could they please quickly refund half electronically? Pleased to receive even half, the non-profit happily refunded the requested amount. The electronic refund to the “donor” went through, only for the nonprofit to quickly learn that the original check was counterfeit and returned for insufficient funds.

Did you know? Bad checks can take up to three business days to be returned NSF. A strong financial partner will provide regular fraud awareness education so that you know to recognize signs of scams, such as an urgent need for “overpayment reimbursement” from uncollected funds.

Sneaky Senders: Account Infiltration

An employee received what appeared to be an internal email, informing them that they were overdue in completing a required account update. The employee clicked on the provided link to complete the “required” form, which took them to a separate web page where they provided their work ID and password. The email and form were fraudulent, and the employee’s ID and password were shared with the fraudsters. Those credentials were used to log into the company’s financial database, create a second user, and wire out funds.

Did you know? Fraudulent emails can be hard to catch. They can be branded to look legitimate and can even use domain names that mirror the sender they are impersonating, i.e. bankaatfirst.com. Remain skeptical of any email requesting you to visit an external link, especially when the request is unexpected. Additionally, a strong financial partner will offer digital tools that enhance security that make it harder for fraudulent access to compromise an account. These protections include dual administrators, restrictions on who can create new users, and dual controls that require more than one person from the organization to validate all electronic transfers.

Cunning Communications: Malware and Ransomware

An employee received an email from what appeared to be a work superior, and the email contained an attached file. The “supervisor” wrote, “Please review the attached file and let me know if approved. I need your response quickly, as the deadline is approaching.” The employee opened the file, did not see anything relevant, and went to the supervisor for clarification. They did not realize that downloading the file installed malware—a virus that infiltrates networks—onto the company's computer. Malware can impact victims in several ways, including giving access to specific data, compromising systems, or granting access to accounts and systems. These particular fraud agents gained access to all the organization's systems and accounts, which they then ceased, rendering the business inoperable. The organization was unable to function, and the fraud agents shared demands that had to be met before control would be returned—hence the term “ransomware.”

The organization worked closely with their financial institution to facilitate an immediate shut-down of account access to limit damage. They then reached out to their Cyber Crime Plan agent who quickly activated the plan they had in place. While losses totaled about $100,000, it could have been closer to $800,000. Thanks to advance preparation and close collaboration between their financial partner’s banking support center, treasury management customer support, and their corporate fraud team, access capabilities were taken back from the fraudsters. The system was completely scrubbed to ensure restored security, and then access returned to normal.

Did you know? An email can include a recognized name in the “From” section, but closer inspection might reveal that the email address itself is suspicious, i.e. From: John Smith, First Financial Bank <ax25vyvian@gmail.com>. Never download a file that you were not expecting to receive. Even if the file seems to come from a trusted contact, do not reply. The best approach is to call your contact and verify the purpose of the file. It may seem safe to create a new email thread to your contact, but if their email has been hacked you may continue to receive fraudulent communication from a legitimate-looking email. Always call your trusted contact to determine legitimacy.

Mail Mischief: Check Theft

An organization mailed a vendor payment the same way they had done many times before. It was intercepted by a criminal and used to open a new account through a bank two states away, in the name of intended vendor. Three months later, the vendor called the organization and asked about the late payment. When the organization explained that they paid by check and the check was shown as “processed,” they were able to figure out that the new bank had allowed the criminal to open the fraudulent account and deposit the stolen check. Endorsement fraud cannot be detected through common fraud services and can be a lengthy process for recovery.

Did you know? Your financial partner may have services to validate endorsements as well as common check fraud. If you are expecting payment and it is past due, pick up the phone and contact your trusted customer to ask about the delay.

* * *

There is no shame in falling prey to a financial scam, particularly as they grow increasingly more sophisticated. However, it is important to take advantage of all the tools available to protect yourself and your business, such as First Financial Bank’s Risk Management Solutions. Contact your Relationship Manager or Treasury Management Advisor to learn which products and solutions are right for your company so that you can be protected when the inevitable happens. Remember: it’s not a matter of if, it’s a matter of when.