<img height="1" width="1" src="https://www.facebook.com/tr?id=852282609072225&amp;ev=PageView%20&amp;noscript=1">

Combat Fraudsters’ Rising Sophistication with Cybersecurity Vigilance

October 15, 2024
Jerry Brodnax
Jerry Brodnax

There are two things business leaders need to understand about the state of payments fraud today and the threat it poses.

First, the danger is not subsiding. Despite the coverage of cyber attacks in the news, and the ongoing prevention efforts of businesses, banks and law enforcement, the problem is nowhere near under control. In fact, it’s growing.

Second, and this helps explain why the danger is greater — the bad guys’ capabilities are evolving. Year after year, the fraudsters are becoming much more sophisticated and formidable.

 

Cybersecurity Awareness Month

Yes, the fraud problem is getting worse

Some 80% of organizations responding to the 2024 AFP Payments Fraud and Control Survey say they were victims of payments fraud attacks last year. That’s a 15-percentage-point increase over what AFP reported in its previous annual survey.

The 80% number also suggests that just about every business is being targeted these days.

So, if in the past you’ve heard about fraud incidents and told yourself, “it won’t happen to us,” that logic doesn’t fly anymore. Even if you have been lucky so far, it’s not a matter of if your business will be attacked, but when.


A big reason why: professional criminals

It's a vastly different threat landscape compared to just a few years ago. Today’s most dangerous fraudsters are no longer lone individuals operating out of a basement somewhere in the United States. Rather, in many cases, they’re foreign criminal enterprises with tremendous resources and discipline.

These organizations structure themselves like corporations and are comprised of professional criminals who use the latest technologies — such as artificial intelligence — and agile methodology to constantly finetune their tactics.

Their creativity knows no bounds. They can hijack email boxes and learn who in your business has authority to approve payments, what vendors you pay regularly, and which members of your staff have authority to initiate those payments. They combine that information with patience and effective social engineering techniques and — poof! — a payment goes out and your money is gone.


Fighting back: three fundamentals

While the nature of the fraud threat is evolving, the best practices for fighting back haven’t changed:


1. Stay aware and remain vigilant

Educate yourself and your team about the latest fraud threats. The two biggest ones we’re seeing today are business email compromise, where criminals con authorized payers into accepting fraudulent payment instructions as legitimate, and spoofing scams where they lure your payers to fake online banking login pages to key in their credentials.

Stay vigilant by regularly communicating with employees about such threats and make it clear your business’s success depends upon their strict adherence to security best practices.


2. Build and maintain an employee firewall

The key to keeping your business safe from fraud is effectively educating and training your employees.

The battle between your business and the fraudsters is invariably decided by whether the fraudsters can fool your employees into initiating an unauthorized payment or relinquishing their payment credentials. And here’s the heart of the problem: to keep your company protected, your employees must react correctly 100% of the time, while the fraudsters only have to fool them once.

With that in mind, arm your employees with the following critical guidance for protecting against two of the biggest threats:

  • Business email compromise. Be skeptical of changes in payment instructions or recipient account information. Always verify any changes using the contact name and phone number on file — but never using the phone number provided in the instructing email.

  • Website/URL spoofing. Always access our online banking platform by going to hancockwhitney.com and selecting from the Account Login dropdown. Never attempt to access it through a search engine or a saved bookmark.

You may want to consider working with a cybersecurity company that can assist you with cyberfraud education and monitoring employee compliance with your security best practices.


3. Partner with your bank

Finally, use Hancock Whitney as a cybersecurity information resource. Ask your banker about helpful bank products designed to curb fraud, such as positive pay for both checks and ACH payments. And take advantage of the guidance available at our Cybersecurity for Business website.

The products and guidance we offer can complement your cybersecurity efforts. But always remember: for your business to be successful in keeping the fraudsters at bay, your employees are your most effective line of defense. They must make good decisions and adhere to best practices on a daily basis. 

Related Topics:

Business Cybersecurity
Return to Insights

Related Posts

Martin Luther King Jr., National Day of Service

Honoring A Legacy by Helping and Caring

Forty-two years ago, President Ronald Reagan signed legislation designating the third Monday in January as a federal holiday honoring the life and legacy of Dr. Martin Luther King, Jr., whom many consider the most influential African American civil rights leader in the 1960s. Dr. King embraced and advocated peaceful means to achieving equality for all citizens, regardless of race. He was also instrumental in the passage of the 1964 Civil Rights Act and the 1965 Voting Rights Act, laws that advanced equality and opportunity for all Americans.

All Posts

Contact

Hancock Whitney Bank, Member FDIC and Equal Housing Lender Logo Equal Housing Lender. All loans and accounts subject to credit approval. Terms and conditions apply.

Hancock Whitney and the Hancock Whitney logo are federally-registered trademarks of Hancock Whitney Corporation. Copyright © 2025 Hancock Whitney Bank.
Back to Top