Fraudsters are nothing if not creative, and the latest trends in some of the scams they perpetrate on businesses involve targeting victims, noted Claudia Swendseid, senior vice president of the Federal Reserve of Minneapolis, who spoke Monday at NACM's 120th annual Credit Congress & Expo in Las Vegas.
Swendseid cited invoice, executive and extortion/ransomware schemes as a few examples. Invoice schemes can involve a fraudster sending a credit manager a fake invoice, typically in the name of a large supplier. These often contain no spelling mistakes or other obvious indicators that something is wrong.
Another type of fraud businesses are experiencing is where a credit professional is sent an email that appears to be from an executive within the firm with urgent instructions to pay the invoice, Swendseid said. The extortion schemes often involve a criminal locking down key information from your firm and demanding payment for it; if not, the fraudsters claim they'll destroy the information. Still in other schemes, criminals send enticing emails such as a LinkedIn request from a "fellow" worker.
For starters, employees should hover with the computer mouse over any email address to make certain it's coming from the correct location, she said. More generally, the credit team should sit down with its IT department and ask if it encrypts important financial information, Swendseid said. If not, it should; it's an excellent way to secure data, and more secure than any firewall your company may have implemented.
Also, make sure your company has a policy to regularly purge data it doesn't need, she said. That way, you can reduce your exposure to data theft, while also potentially saving money on data storage.
- Nicholas Stern, editorial associate