Vendor Impersonation Scams: A TMANY Wrap Up

Posted by Angela Sarno on Jun 14, 2022 11:21:00 AM

Last week, I had the honor of presenting at the TMANY 2022 Cash Exchange Conference alongside Christopher Arehart, SVP, First Party Product Manager, North America Financial Lines at Chubb.  We had one hour to share with treasury professionals everything we wanted them to know about vendor impersonation frauds, why they are successful, and how to address organizational risk in the vendor onboarding and management process.  (For the record, I believe Chris and I could actually speak for a solid six hours on this subject, so it was a tall order to fit it into 60 minutes!)

Screen Shot 2022-06-13 at 10.12.58 AM

For those of you who were not able to attend the exceptional TMANY event, I offer the following quick takes on our subject:

  1. A good vendor impersonation scam will be impossible for your staff to spot. (Yes, impossible).
  2. Social engineering losses are generally not covered by crime or cyber insurance policies (or if they are, they have very low limits).
  3. If you cannot audit your vendor onboarding and change process, then it’s not actually a process, and it’s likely not insurable.

Let's dig in.

Read More

Topics: payments fraud, insurance, ACH, vendor master, risk, business payments

Social Engineering Frauds- 2021 Stats

Posted by Angela Sarno on Jun 1, 2022 9:45:00 AM

The 2021 numbers are in... and fraudsters are still gonna fraud.

Screen Shot 2022-05-27 at 1.31.37 PMBoth the Association of Financial Professionals 2022 Payments Fraud and Controls Survey and the FBI's Internet Crime Report for 2021 recently published, and while there were no big surprises, there were a couple of points that are worth pondering.

Read More

Topics: payments fraud, AP, insurance, risk, social engineering fraud

What Banks are Spending Money on in 2022

Posted by Hayley Haynes on May 10, 2022 9:26:14 AM

In an effort to stay competitive U.S. banks are budgeting big money on tech updates in 2022! Business man in suit looking at cloud with falling money and sun

JP Morgan Chase recently announced plans to spend most of its new project budget – a number close to $15 billion – on tech plans as a necessary means to meet customer expectations and compete with other banks and fintechs who are making innovative use of tech. 

So exactly what type of technology are these dollars being spent on? 

Read More

Topics: payments fraud, insurance, risk, social engineering fraud, banks

3 Common Scams Fraudsters Use to Trick Your Employees

Posted by Angela Sarno on Apr 6, 2022 8:20:22 AM

All the cybersecurity tools in the world aren’t going to protect your organization from a fraudster who has succeeded in getting your employee to believe a scam.

It’s no secret that fraudsters have figured out how to trick even the most diligent and well-trained employee into believing that they are dealing with their actual vendor. Once they’ve done that, it’s just a matter of time until banking information is changed and the fraudster runs off with money that was intended for your supplier. 

The aftermath of such an event isn’t pretty: bad press, lost jobs, damaged reputations.

Here are three common ways that fraudsters will attempt to trick your employees- and what you should watch out for.

Read More

Topics: payments fraud, insurance, risk, social engineering fraud

Social Engineering Fraud & Vendor Management: Friction vs. Risk

Posted by Angela Sarno on Mar 25, 2022 11:01:01 AM

Social Engineering Fraud & Vendor Management: Friction vs. Risk Live Event Synopsis

PW - Nacha Twitter ad-1200x675_300_v5

 

Social engineering fraud, business email compromise (BEC) fraud and business-to-business payments fraud: three different names, same game. All are a form of a man in the middle attack, where a fraudster sends an email to an accounts payable person to request a change to the banking credentials in the vendor master to divert a valid vendor payment to a fraudulent bank account. This is the largest source of cybercrime from a monetary standpoint and it only continues to increase.

To address this problem, we brought together three industry experts in a panel discussion, “Social Engineering Fraud & Vendor Management: Friction vs. Risk”. Joe Hussey, vice chair at J.P. Morgan, Rob Unger, senior director for product management and strategic initiatives with Nacha and Thayer Stewart, CEO of PaymentWorks, dissected social engineering fraud and how it plays into the vendor management process and specifically what role the battle between friction and risk plays in finding a solution.

Watch a clip below!

Read More

Topics: payments fraud, risk, social engineering fraud

Top Three Takeaways: Social Engineering Fraud and Your Vendor Master - Managing the Risk

Posted by Angela Sarno on Mar 9, 2022 11:45:46 AM

Our recent live event, Social Engineering Fraud and Your Vendor Master - Managing the Risk, brought together industry experts – Taylor Nemeth, Head of Payments at PaymentWorks, and Christopher Arehart, SVP and Product Manager of Crime, Financial Fidelity, Kidnap/Ransom and Extortion at Chubb Insurance. (The dynamic duo also happen to be co-authors of the recent white paper Guarding Against Social Engineering Fraud." Please download a free copy!)

They took a deep dive into the increasingly hot topic of business payments fraud, which they agree is, at the core, an identity problem. This identity problem happens to be a multi-billion-dollar problem which can be attributed to the combined effect of the fact that 300+ billion emails are being exchanged every day across businesses and individuals and that 30% of existing suppliers are changing their information over the course of a year (PaymentWorks database statistic, 2021). This has added up to $28 billion in losses with an average incident loss of over $150,000 (from 2016-2020), a number which has doubled in 2021! (FBI Internet Crime Report 2021.)

The big question on everyone’s mind is how can organizations avoid this problem and avoid the financial and reputational loss that comes with it? Here, we offer you the top three takeaways from this electric and informational event.

Read More

Topics: payments fraud, insurance, risk, tips from the frontlines, social engineering fraud

Advice From the Vendor Desk: Five Tips to Prevent Business Payments Fraud

Posted by Angela Sarno on Mar 1, 2022 12:56:09 PM

 

With organizations of all sizes around the country continuing to be top targets of fraudsters, everyone talks a lot about ‘being careful’ with vendor onboarding.  But how does 'being careful' avoiding scams actually manifest in the day-to-day duties carried out by those folks tasked with onboarding new vendors and managing vendor changes?  

To find out, we went straight to the source and asked the people who work on the frontlines of vendor management. Here is their advice for keeping your organization off a fraudster’s target list and out of the headlines!

The great news? Many of these pearls of wisdom could be put into play by your vendor desk person as quickly as today. (75% of you deal with an attempted or actual fraud every year!*)

Read More

Topics: payments fraud, tips from the frontlines

ARPA Funds: The Key to Advancing Your Tech Stack

Posted by Angela Sarno on Jan 26, 2022 10:15:00 AM

At PaymentWorks, we are passionate about secure vendor onboarding as the lynchpin of secure payments.  When nearly three quarters of organizations have actual or attempted payments fraud scams aimed at them, we know that finding ways to gain peace of mind when it comes to avoiding these scams is keeping a lot of you up at night.  

Read More

Topics: payments fraud, vendor master, risk, Cyber Security, business payments

Three Bank Account Verification Methods to Scrap in 2022

Posted by Angela Sarno on Jan 4, 2022 10:15:00 AM

Think your bank account verification process confirms ownership? Think again.

How procurement and finance departments verify banking information generally falls into these three buckets:

  1. Collecting a voided check or account info on bank letterhead
  2. Calling the vendor to confirm the change
  3. Multi levels of internal approvals for changes

All of these seem, on the surface, to be solid, but are not infallible in defending the vendor master from infiltration by fraudsters.  If your organization is relying on any of these three ways to ensure the validity of your vendor master file's banking info, you are likely leaving holes wide enough for a fraudster to walk right in. 

Let’s break each one down:

Read More

Topics: payments fraud, AP, insurance, vendor master, Cyber Security, business payments

What Procurement Can Learn From AP

Posted by Angela Sarno on Oct 21, 2021 10:06:00 AM

At PaymentWorks we love Procurement and AP equally. We have amazing champions and customers in both areas, and our platform has strategic benefits to both functions.  Yet, we are constantly surprised that these two seemingly made-for-each-other departments don't always appreciate all they do in support of each other.

shutterstock_331812122

So we thought we'd take a stab in this two part series at playing 'counselor' to this couple, and walk through just how much they could learn from each other.

Let's begin.

Read More

Topics: payments fraud, AP, procurement, supply chain

PaymentWorks-Logo-Black_600tall

Digital Supplier Onboarding for Secure, Compliant, and Optimized Business Payments.

  • Eradicate Fraud
  • Ensure Compliance
  • Eliminate Paper

Sign up to be alerted when we publish interesting things

Recent Posts