Vendor Impersonation Scams: A TMANY Wrap Up

Posted by Angela Sarno on Jun 14, 2022 11:21:00 AM

Last week, I had the honor of presenting at the TMANY 2022 Cash Exchange Conference alongside Christopher Arehart, SVP, First Party Product Manager, North America Financial Lines at Chubb.  We had one hour to share with treasury professionals everything we wanted them to know about vendor impersonation frauds, why they are successful, and how to address organizational risk in the vendor onboarding and management process.  (For the record, I believe Chris and I could actually speak for a solid six hours on this subject, so it was a tall order to fit it into 60 minutes!)

Screen Shot 2022-06-13 at 10.12.58 AM

For those of you who were not able to attend the exceptional TMANY event, I offer the following quick takes on our subject:

  1. A good vendor impersonation scam will be impossible for your staff to spot. (Yes, impossible).
  2. Social engineering losses are generally not covered by crime or cyber insurance policies (or if they are, they have very low limits).
  3. If you cannot audit your vendor onboarding and change process, then it’s not actually a process, and it’s likely not insurable.

Let's dig in.

Read More

Topics: payments fraud, insurance, ACH, vendor master, risk, business payments

Social Engineering Frauds- 2021 Stats

Posted by Angela Sarno on Jun 1, 2022 9:45:00 AM

The 2021 numbers are in... and fraudsters are still gonna fraud.

Screen Shot 2022-05-27 at 1.31.37 PMBoth the Association of Financial Professionals 2022 Payments Fraud and Controls Survey and the FBI's Internet Crime Report for 2021 recently published, and while there were no big surprises, there were a couple of points that are worth pondering.

Read More

Topics: payments fraud, AP, insurance, risk, social engineering fraud

What Banks are Spending Money on in 2022

Posted by Hayley Haynes on May 10, 2022 9:26:14 AM

In an effort to stay competitive U.S. banks are budgeting big money on tech updates in 2022! Business man in suit looking at cloud with falling money and sun

JP Morgan Chase recently announced plans to spend most of its new project budget – a number close to $15 billion – on tech plans as a necessary means to meet customer expectations and compete with other banks and fintechs who are making innovative use of tech. 

So exactly what type of technology are these dollars being spent on? 

Read More

Topics: payments fraud, insurance, risk, social engineering fraud, banks

3 Common Scams Fraudsters Use to Trick Your Employees

Posted by Angela Sarno on Apr 6, 2022 8:20:22 AM

All the cybersecurity tools in the world aren’t going to protect your organization from a fraudster who has succeeded in getting your employee to believe a scam.

It’s no secret that fraudsters have figured out how to trick even the most diligent and well-trained employee into believing that they are dealing with their actual vendor. Once they’ve done that, it’s just a matter of time until banking information is changed and the fraudster runs off with money that was intended for your supplier. 

The aftermath of such an event isn’t pretty: bad press, lost jobs, damaged reputations.

Here are three common ways that fraudsters will attempt to trick your employees- and what you should watch out for.

Read More

Topics: payments fraud, insurance, risk, social engineering fraud

Social Engineering Fraud & Vendor Management: Friction vs. Risk

Posted by Angela Sarno on Mar 25, 2022 11:01:01 AM

Social Engineering Fraud & Vendor Management: Friction vs. Risk Live Event Synopsis

PW - Nacha Twitter ad-1200x675_300_v5

 

Social engineering fraud, business email compromise (BEC) fraud and business-to-business payments fraud: three different names, same game. All are a form of a man in the middle attack, where a fraudster sends an email to an accounts payable person to request a change to the banking credentials in the vendor master to divert a valid vendor payment to a fraudulent bank account. This is the largest source of cybercrime from a monetary standpoint and it only continues to increase.

To address this problem, we brought together three industry experts in a panel discussion, “Social Engineering Fraud & Vendor Management: Friction vs. Risk”. Joe Hussey, vice chair at J.P. Morgan, Rob Unger, senior director for product management and strategic initiatives with Nacha and Thayer Stewart, CEO of PaymentWorks, dissected social engineering fraud and how it plays into the vendor management process and specifically what role the battle between friction and risk plays in finding a solution.

Watch a clip below!

Read More

Topics: payments fraud, risk, social engineering fraud

Top Three Takeaways: Social Engineering Fraud and Your Vendor Master - Managing the Risk

Posted by Angela Sarno on Mar 9, 2022 11:45:46 AM

Our recent live event, Social Engineering Fraud and Your Vendor Master - Managing the Risk, brought together industry experts – Taylor Nemeth, Head of Payments at PaymentWorks, and Christopher Arehart, SVP and Product Manager of Crime, Financial Fidelity, Kidnap/Ransom and Extortion at Chubb Insurance. (The dynamic duo also happen to be co-authors of the recent white paper Guarding Against Social Engineering Fraud." Please download a free copy!)

They took a deep dive into the increasingly hot topic of business payments fraud, which they agree is, at the core, an identity problem. This identity problem happens to be a multi-billion-dollar problem which can be attributed to the combined effect of the fact that 300+ billion emails are being exchanged every day across businesses and individuals and that 30% of existing suppliers are changing their information over the course of a year (PaymentWorks database statistic, 2021). This has added up to $28 billion in losses with an average incident loss of over $150,000 (from 2016-2020), a number which has doubled in 2021! (FBI Internet Crime Report 2021.)

The big question on everyone’s mind is how can organizations avoid this problem and avoid the financial and reputational loss that comes with it? Here, we offer you the top three takeaways from this electric and informational event.

Read More

Topics: payments fraud, insurance, risk, tips from the frontlines, social engineering fraud

ARPA Funds: The Key to Advancing Your Tech Stack

Posted by Angela Sarno on Jan 26, 2022 10:15:00 AM

At PaymentWorks, we are passionate about secure vendor onboarding as the lynchpin of secure payments.  When nearly three quarters of organizations have actual or attempted payments fraud scams aimed at them, we know that finding ways to gain peace of mind when it comes to avoiding these scams is keeping a lot of you up at night.  

Read More

Topics: payments fraud, vendor master, risk, Cyber Security, business payments

The Risk and the Reward

Posted by Angela Sarno on Nov 9, 2021 12:16:08 PM

Author note: I had the pleasure of meeting Kristen Drobnis during this past summer.  She was gracious with her time and passionate about risk.  This combination intrigued me so much I immediately asked her if she would be on our podcast.  This podcast and blog are taken from our interview in August 2021.

As the Chief Risk and Privacy Officer for Commonwealth Financial Network, one of the largest privately-held broker dealers in the United States, Kristen Drobnis understands risk as well as anybody. PaymentWorks Presents-Episode10-Kristen Drobnis-LInkedIn-300

And while the word ‘risk’ itself conjures up images of theft, fraud and other treacherous topics, Kristen brings a calm and measured approach to this fascinating industry.

PaymentWorks sat down with Kristen to discuss many topics, including why she loves her job, how to deal with fraudsters intent on playing the long game, and what element of dealing with risk keeps her up at night.

You can listen to the entire podcast here.

Read More

Topics: compliance, podcast, vendor master, risk

What AP Can Learn From Procurement

Posted by Angela Sarno on Oct 27, 2021 10:15:00 AM

As promised, we have our ‘counterpoint’ to last week’s blog. This week it’s your turn AP!  There is so much you can learn from your peers in procurement. I cannot wait to dive in!  (Side note: finding just the right image in stock art kept me up late last night.  Please enjoy this wonderful team huddle.)

Read More

Topics: AP, procurement, risk, supply chain, business payments

The American Rescue Plan Act: A Primer on Spending

Posted by Angela Sarno on Oct 6, 2021 9:24:50 AM

John Wilkerson is so passionate about the American Rescue Plan Act it feels like family to him.

"This has become my life's work," he says. "I will not have any more kids, I can't imagine, but if I do I will name it ARPA after the American Rescue Plan Act."

PW-Presents-Episode9-John-Wilkerson-linkedin

Listen to our entire podcast with John Wilkerson here.

If you think he's kidding, guess again. Wilkerson has served the last 15 years as general counsel to the Arkansas Municipal League and takes great pride in helping 500 cities and towns across Arkansas develop and implement strategies to become stronger financially.

ARPA was passed by Congress in response to the Covid-19 Pandemic, and while one big bucket of the funding must go towards fighting Covid, there's much more that can be done with the money that Congress has allocated.

Read More

Topics: risk, Cyber Security

PaymentWorks-Logo-Black_600tall

Digital Supplier Onboarding for Secure, Compliant, and Optimized Business Payments.

  • Eradicate Fraud
  • Ensure Compliance
  • Eliminate Paper

Sign up to be alerted when we publish interesting things

Recent Posts