Part of our series on Security for Medium Businesses.
As we’ve covered extensively, the biggest security threat to organizations is theft. You’ve got money and people want to steal it from you. Tale as old as time.
Fraud is also vastly underreported. Almost no organizations publicize fraud losses because they fear losing credibility with customers and partners. In confidence, some businesses report losses: the AFP publishes annual summaries of fraud surveys they conduct. Within the 520 respondents in 2020, 74% reported attempted scams, with 36% reporting successful payment scams. The FBI also publishes a summary of trends in fraud reported to them.
The real rates are far higher: Just in card fraud alone, Global credit card fraud cost $32 billion in 2020. While no recent ACH or check fraud totals are publicly available, banks are increasingly worried that they may not be able to protect their customers from these threats.
The Easy Part
Despite what the news tells you, fraud is usually boring, and the best ways of preventing it are to change to more resistant methods.
This is usually enough for small organizations. If you only have several payment sources, it’s not much extra work to determine if transaction is fraudulent – you often remember what it was for because you were involved in the discussion.
What to Do Next
Larger organizations with many accounts and payment mechanisms usually warrant extra rigor; it’s easier for fraudulent transactions to slip through the cracks because nobody is looking closely at them all. This is especially true today: there are new cracks for criminals to slip through that didn’t exist 15 years ago, and traditional authorities on these subjects have been slow to catch up.
How does an organization stay on top of their actual fraud risk while spending as little as possible?
In this series, we’ll explore the current fraud landscape and identify the best ways of addressing each major threat. We’ll start with traditional processes and tools, then move to newer tricks of the fraud trade and how to address them.
Competently addressing fraud does not have to be complicated or expensive.