
0 Fraud in today’s world September 18, 2015

1 What do these numbers represent?

2 Fraud statistics
- 60% of organizations were exposed to actual or attempted payments fraud in 2013
- 82% of survey respondents report checks were the primary target for fraud attacks at their organization
- $23,100 was the typical financial loss incurred by organizations due to payments fraud
Source: 2014 AFP Payments Fraud and Control Survey

3 Payment method responsible for largest dollar amount of fraud loss
Source: 2014 AFP Payments Fraud and Control Survey

4 Types of check fraud
- Unauthorized check
- Maker forgery
- Internal embezzlement
- Forged endorsement
- Customer victimization
- Counterfeit
- Altered check

5 Electronic deposit check fraud
- Check 21 opened up a world of possibilities for financial institutions, their customers, and unfortunately, criminals
- Risk management has become a key focal point for financial institutions as they offer more opportunities for image-related deposits

6 ACH Debit Fraud
- Criminals get MICR-line information from a legitimate check
- Sell information to fraud rings
- Fraud rings originate ACH transactions using legitimate account numbers
Confidential - For Internal Use Only

7 Cyber fraud – three primary methods
- Social engineering
- Malware
- Combination: social engineering used to install malware

8 Social engineering via phishing example

9 Spear phishing
- Spear phishers target select groups of people
- Information obtained by hacking into a computer network, or by combing through other sites
- The messages look more legitimate to the receivers
- Create false sense of security about clicking on the embedded link
- Tone of urgency convinces victims to act quickly, providing information they would not normally disclose
- This may allow installation of malicious codes known as “malware”
- Malware can be used by criminals to gain unlimited access to data from victims’ computers

10 Business account takeover
- Online banking credentials sent to criminal
- Password-stealing Trojan sent as attachment
- Criminal sends sub $10,000 payments to money mules
- Criminal logs into victim company’s bank accounts
- Mules withdraw cash and forward to criminals overseas

11 Imposter Fraud
- Are you who you say you are?
- Do you know whom you are paying?

12 Reduce your risk
- Educate your staff
- Verify your vendor
- Verify your requestor
- Watch your wires
- Audit your activity

13 What steps can entities take to avoid fraud?

14 Six rules for a strong fraud protection program
- Protect access credentials
- Increase internal controls
- Educate employees
- Know your employees
- Keep authorizations up to date
- Know your vendors
Trust is not an internal control

15 Number-one line of protection
- Your employees are the front line of defense against online fraud
- Entities must ensure they get the training they need and remind them often to stay on their guard against online fraud

16 Diligent user management
- Audit users on a regular basis, especially those with transaction privileges
- Review user privileges often to ensure no one has unauthorized or unnecessary access
- Limit transaction privileges to an absolute minimum – needs only basis
- Apply separation of duties for key money movement activities

17 Maintain separation of duties
- Assign accounts payable functions to more than one person
- Rotate personnel in financially sensitive assignments
- Limit the number of signers
- Require more than one signature on large dollar check amounts

18 Dual custody – online banking portal
- One person initiates and another approves from a different computer
  - Online payment transactions
  - Self-administration changes
- Be aware of collusion risks
  - Select approvers that are less likely to collude
    - Different locations
    - Different functions
- Option exists to require multiple approvals
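
Added example (not part of the original presentation): one way to audit an approval log against the dual-custody rules on this slide, flagging items with no second approver, the same user or the same computer on both steps, and approver pairs that share both location and function. The records, user directory, and field names are constructed for illustration and are assumptions, not the export format of any real banking portal.

```python
# Constructed user directory: who works where, in which function (assumed fields).
USERS = {
    "alice": {"location": "Denver", "function": "accounts_payable"},
    "bob":   {"location": "Denver", "function": "accounts_payable"},
    "carol": {"location": "Austin", "function": "treasury"},
}

# Constructed approval log covering payments and self-administration changes.
EVENTS = [
    {"id": "T1", "kind": "wire", "initiator": "alice", "init_device": "PC-01",
     "approver": "carol", "appr_device": "PC-07"},
    {"id": "T2", "kind": "ach", "initiator": "alice", "init_device": "PC-01",
     "approver": "alice", "appr_device": "PC-01"},
    {"id": "T3", "kind": "user_admin", "initiator": "bob", "init_device": "PC-02",
     "approver": "carol", "appr_device": "PC-02"},
    {"id": "T4", "kind": "wire", "initiator": "alice", "init_device": "PC-01",
     "approver": "bob", "appr_device": "PC-02"},
    {"id": "T5", "kind": "ach", "initiator": "carol", "init_device": "PC-07",
     "approver": None, "appr_device": None},
]

def dual_custody_findings(event, users):
    """Return the list of dual-custody problems found in one log record."""
    init, appr = event["initiator"], event["approver"]
    if appr is None:
        return ["NO_APPROVER"]          # released without a second person
    findings = []
    if init == appr:
        findings.append("SAME_USER")    # one person initiated and approved
    if event["init_device"] == event["appr_device"]:
        findings.append("SAME_DEVICE")  # approval not from a different computer
    a, b = users.get(init), users.get(appr)
    if a is None or b is None:
        findings.append("UNKNOWN_USER") # cannot assess the pair at all
    elif init != appr and a["location"] == b["location"] \
            and a["function"] == b["function"]:
        findings.append("COLLUSION_RISK")  # same site and same job function
    return findings

def audit(events, users):
    """Map record id -> findings, for records with at least one finding."""
    report = {}
    for event in events:
        findings = dual_custody_findings(event, users)
        if findings:
            report[event["id"]] = findings
    return report

if __name__ == "__main__":
    for record_id, findings in audit(EVENTS, USERS).items():
        print(record_id, ", ".join(findings))
```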

19 Enforce mandatory vacation policies
- One of the most effective ways to avoid internal embezzlement
- Also a good way to detect embezzlement if someone is operating a scheme

20 To avoid phishing attempts
- Remember that most companies, banks, etc. will never request personal or sensitive information via email or text
- If in doubt, call the company to check, but don’t use the phone number on the email
- Don’t reply to a message that asks for personal or financial information
- Never follow a link to a secure site from an email; always enter the URL manually
- Use a phishing filter; many of the latest web browsers have them built in

21 Secure passwords are critical
- Create different passwords for different purposes
  - Social networking
  - Major shopping sites
  - Financial institutions
  - Separate passwords for infrequently visited sites
- Use passwords that cannot be easily guessed
  - No pet names, family names – they can be found on social media sites
  - A recent survey revealed that “password” and “123456” are very popular
- Try using the first letters of a memorable phrase and make it more complex by replacing letters with characters or numbers

22 Security considerations for mobile banking
- Be cautious of unsolicited text messages.
- Avoid clicking on links contained in text messages.
- Don’t store sensitive data on your mobile device.
- Install tracking software that allows you to locate, lock or wipe data.

23 Maintain check security
- Require tight security of all check stock
- Destroy obsolete check stock
- Keep check stock in an area that is locked and secure
- Purchase check stock from a reputable vendor
- Include safety features in checks
- Require a secure method of delivery for new stock
- Inventory check stock at least quarterly
- Limit number of individuals who have access to check stock

24 Reconcile accounts promptly
- Required by UCC
- Ensures timely identification of errors and/or fraud
- Reconcilement duties must be kept separate from check issuing duties

25 TM services to reduce risk and fraud
- Positive Pay with Payee Validation
- Payment Authorization
- ACH Fraud Filter
- Notification of outgoing wires (event messages)
- Account Reconciliation
- Dual control
- Remote Desktop Deposit
- Virtual Vaults
- Lockbox
- Merchant Services
- ACH payments
- Prepaid Cards
- Unique AP Cards

26 Webinar training sessions
Every week, a 60-minute, instructor-led online training class is offered to all Commercial Electronic Office® (CEO®) portal users. The training class is called: Reducing Risks: What you need to know about Payment Fraud
During this course, the instructor will review:
- Growing fraud threats, including account takeover fraud and impostor fraud
- The latest fraud statistics
- Tips for how to minimize the risk of fraud
To locate training, go to: CEO Homepage > Support Dropdown Menu > Online Training

27 Thank you

