Your business is your livelihood, your second home – and you protect it as such. But have you protected your accounts appropriately to protect against fraud?

According to the American Banking Association’s (ABA) 2019 Deposit Account Fraud Survey, banks prevented over $22 billion in attempted fraud in 2018 – preventing nearly $9 of every $10 of attempted fraud. While banks actively monitor for fraud, security, monitoring, and service utilization is a role for both the bank and the business.

Types of Fraud

Bank fraud is complex, and fraudsters become more and more sophisticated with their techniques and attacks. There are many types of bank fraud that can happen through your daily transactions and activity. Let’s review some of the types of fraud that can affect business accounts:

Account Takeover

Happens when a fraudster gets access to your bank account. This type of identity theft can happen through a data breach, malware attack, or phishing attack. Once the fraudster gets access to your account, they can make unauthorized transactions.

You can help prevent this type of fraud attack by being diligent about protecting your account information, including your login credentials and card numbers.

Some banks offer Multi-Factor Authentication (MFA) tools to help keep your online accounts secure. Some forms of MFA include text messages or calls that include a series of numbers, or physical tokens that are needed to log in.

Man-in-the-Middle Attacks

Happen when a fraudster intercepts financial information as it is transmitted wirelessly. This type of fraud attacks the mobile payment systems when you purchase products online on an unsecured network, like at a coffee shop. Once the fraudster captures your payment information (i.e., your credit card data), they can continue to make unauthorized purchases through that form of payment.

You can help prevent this type of fraud by being mindful when you are making online purchases. Make sure you are on a secure network when making purchases and only buy products from secure websites.

Some banks offer alert tools that notify you when transactions are made on your card; this can be an effective way to catch unauthorized purchases quickly.

Email Spoofing

Happens when a fraudster sends an email disguising themselves as a business, acquaintance, or even your organization’s CEO. Typically, these emails ask for secure information, contain phony links, or include malware-infected attachments. If the email recipient acts upon these email requests by providing secure information, clicking a link, or opening an attachment – the fraudster can use the information or continue to track their device to obtain secure information.

You can help prevent this type of fraud attack by not sharing your secure information from people that contact you online. Being educated about internet security can help you determine if an email is a spoof or not. For more internet security tips, visit our internet security resource page.

Additionally, it is important to know that we will never ask for your PIN or account numbers.

Check Fraud

Check fraud accounted for 47% of the deposit account fraud losses – closely followed by debit card losses at 44%, according to the Deposit Account Fraud Survey from ABA.

“Sometimes, what’s old is new again as we’ve seen criminals gravitate back toward check fraud.”

– Paul Benda, SVP of risk and cybersecurity policy at the American Banking Association

Types of check fraud include forged signatures and endorsements, counterfeit checks, and altered checks. We have seen check fraud from businesses that issue paper paychecks to their staff.

One way to manage your check fraud risk is to utilize ACH for your transaction activities. While this does not eliminate all risk, it can be a more secure way of making your business payments.

Some banks offer Positive Pay services. Positive Pay matches the account number, check number, and dollar amount of each check that is presented for payment against a list of checks previously authorized and issued by your business. When your staff issues checks, a file is submitted through online banking. Once the checks are presented for payment, they are verified against the data submitted. Checks that match are paid, while unmatched checks are sent back to for your review. If you would like to approve the unmatched checks, they be will be paid, and fraudulent checks are returned.

If you are interested in learning about tools and services that make sense for protecting your business, reach out to your bank to learn about what services and tools they offer.
It is important to remember that just because you have a security system in place does not mean you’re entirely protected. Establishing a habit of diligently monitoring your accounts can help save your business from losses related to fraud. If you do suspect fraud, contact your bank right away.


By: Laura Gevik, Senior Vice President Chief Operations Officer, Drake Bank