The internet is too much sometimes: you answer emails, browse the web, scroll social media, get messages, and so on. All these can make you let your guard down, which is what scammers want. Especially when it comes to account takeover fraud. However, there are ways to prevent it, and Genome‘s team is ready to share our insights. What is an account takeover? An account takeover (ATO) occurs when a malicious actor gains unauthorized access to someone’s personal account, varying from social media to a banking app. After that, the scammer steals the individual’s money or personal information. How serious
Learn about the best practices in wire transfer fraud prevention from Genome’s Džeineta Dalia Pumputytė – Head of KYC, Deputy Head of AML, and Compliance.
For additional information, check our one-pager on the matter.
Do you want to know how to keep your information and funds safe from the most common types of fraud? Check Genome’s security page, where we list our advice.
What is wire transfer fraud?
It is a type of fraud that involves the misuse of any electronic money transfer services by malicious actors for their personal gain. To commit wire transfer fraud, scammers first use a variety of deception methods to trick an individual or a company into sending funds to the account created specifically for their fraudulent scheme.
Businesses can fall victim to wire transfer fraud as well. Thus, it is essential to know how to spot and avoid it.
How can your business prevent wire transfer fraud?
You need to focus on three main courses of action to increase your chances of avoiding wire transfer fraud.
|Utilize services and proven techniques to reduce fraud
|Establish rules and training for staff
|Use Genome’s tools to help you
|Enable multi-factor authentication for all business accounts on every website and application your company uses
|Your company requires an Information Security Department that will establish major rules and policies that will help regulate the secure usage of information inside the company and monitor potential threats, including fraudulent schemes
|Genome automatically enables multi-factor authentication for all your logins, outgoing transfers, and other services that require confirmation to protect you from malicious unauthorized actions
|Turn on instant notifications for all corporate accounts to be aware of all processes inside them
|Your company must provide employees with regular training sessions on security and fraud prevention measures
|Control access of employees with Genome’s shared account feature: limit and assign roles and access to features, including payments. This way, they will all have separate access to the wallet, and you will not have to share personal credentials
|Use password managers to keep credentials secure. Create unique passwords for each account
|Use only encrypted messaging applications and corporate messaging services to communicate with employees to avoid sensitive data leaks
|Get a Genome Token to add an additional remote layer of authentication for all your outgoing transfers
|Utilize reputable security software for all company’s PCs, tablets, and other equipment
|Money transfer-related operations must be delegated to authorized employees only and be approved by multiple parties in the company, ensuring the transfer necessity
|Set limits to card transactions to avoid excessive spending
|Ensure that you have additional security tools, such as software that analyzes user behavior, to pinpoint any suspicious activity
|Prepare a clear plan of action for cases where you suspect the involvement of fraudulent activity and other security threats
|Check transfer information regularly and track our instant notification to always be aware of all operations
“It is important to remember that fraudsters can use different channels to reach out to their potential victims, social media and applications such as WhatsApp included. In such cases, they will likely ask for your personal information. Remember that no licensed financial institution, including Genome, will inquire about your personal details via social media.”Džeineta Dalia Pumputytė
How to foster a culture of compliance and vigilance among the staff to prevent wire transfer fraud
Have a strong core for your compliance procedures:
- Establish an information security department (ISD);
- The ISD must provide a comprehensive security strategy;
- Based on the strategy, regular staff training must be implemented.
“Having a security strategy is crucial for your compliance efforts, as well as for the provision of training for your personnel. All the rules described in it must be written in a clear, accessible tone for staff to digest and memorize easily.”Džeineta Dalia Pumputytė
To keep up with current security threats, including wire transfer fraud, a company needs to:
- Regularly monitor potential threats and improve the strategy accordingly;
- Hold yearly tests for employees to refresh their knowledge of established policies;
- Have a system of penalties and rewards for breaking/complying with set security measures;
- Create an anonymous reporting system for suspected information misuse, fraudulent cases, etc;
- Delegate money transfer-related responsibilities to a select group of authorized employees and establish rules for authorizing and sending payments.
What you can do to minimize potential losses in case of a suspected wire transfer fraud
|Contact Genome immediately
|Isolate all accounts and systems that can be potentially affected
|Investigate the case internally to know the extent of the damage done
|Start implementing security protocols developed earlier for cases like these
|Contact the law enforcement
|Consult with the legal department to know how to proceed
|Notify staff, shareholders, and other relevant parties
|Find out which security protocols failed to prevent the incident
Examples of effective communication strategies for verifying wire transfer requests without causing inconvenience or delay
If your business receives a request for any money transfer, here’s how you can verify it:
- You need to have tools and software in place that will allow for the authentication of a person/company that requested a transfer.
- Know Your Customer procedures can be used to confirm the requestor’s identity.
- Your employees can contact a person/company that requested a transfer to confirm it.
- If you have doubts, ask for additional information and documents that support the request.
- Make sure your employees are educated on all due diligence procedures and follow proper authentication and confirmation methods before completing the transfer request.