News

The FBI monitors schemes like Business email Compromise, Vendor and Payroll Inpersonation Fraud, and Mortgage Closing Schemes, Which typically involve social engineering or computer intrusion techniques. For details on how to spot and prevent these cyber fraud schemes, access the booklet put out by NACHA on Protecting Against Cyber Fraud.

More About Credit-Push Fraud

Credit-Push Fraud uses social engineering and email phishing attacks to deceive someone into sending funds to a criminal-controlled account. One good resource that broadly outlines CPF and offers steps for identifying and combatting the trend is Nacha’s recently released guidebook, “A New Risk Management Framework for the Era of Credit-Push Fraud”. Nacha’s Michael Herd states that “improved information sharing can counter fraud by improving awareness and understanding of fraud scenarios, enabling communication and recovery between parties regarding specific instances of fraud (paymentsjournal.com).”

CPF continues to dominate in the faster payments space with its expectation of quick turnaround and dependence on digital connections. Below are the four most prominent CPF scenarios, and how to protect against them, as outlined by Nacha.

Payroll Impersonation Fraud, characterized also as ghost employee fraud, employee misclassification fraud, or employee falsification fraud, occurs when cybercriminals hack employee records or access company portals using phished credentials to create a false identity. Much effort is made to identify an employee that has access to payroll and related accounting-type activities to redirect paychecks into a criminal-controlled account.

Best Protections: Tighten scrutiny over direct deposit changes and systems access, utilize multi-factor authentication for accessing sensitive employee records and details, and increase employee education for awareness and red flags.

Vendor Impersonation Fraud, also classified as Relationship and Trust Fraud by the Federal Reserve, takes place when fraudsters convince government agencies, service organizations, and third-party vendors to make payments to the fraudster’s account. Smaller businesses and vendors tend to fall prey to this fraud type, whereby internal protections may only be stopgap measures.

Best Protections: Authenticate all payment change requests using known contact information, separate internal oversight between current and new vendors, and maintain stringent policies for vendor address and direct deposit changes.

Business Email Compromise Fraud (BEC) occurs when an email of someone holding authority within a company (normally C-Level personnel) is compromised and a request for funds is sent to a trusted internal party. Also classified as Relationship and Trust Fraud by the Federal Reserve, BEC fraud can be very damaging to a company, given current focus on the digital space, quick money movement, and reliance on email communications to conduct daily operations. Fraudsters conduct BEC fraud using techniques such as spear-phishing, wicked malware, and slight changes to legitimate email and company addresses.

Best Protections: Be cautious of urgent requests, verify (in person when possible) every request for personal payments or fund transfers, set up and never disable two-factor authentication, and scrutinize email address formats, company URLs, and phone numbers.

Account Takeover Fraud (ATF) occurs when a fraudster gains access to all necessary account information and then conducts transfers into their own accounts or accounts funded for unscrupulous purposes. ATF can wreak havoc in many ways, but criminals with legitimate credentials can deplete accounts quickly and move on before raising suspicions.

Best Protections: Engage and never disable multi-factor-authentication on all accounts, stay mindful of data that is shared online and via social media sites, and never click on links in unsolicited emails and text messages.