Payment fraud continues to soar, as a record 82 percent of organizations reported incidents in 2018, according to the 2019 AFP Payments Fraud & Control Survey, underwritten by J.P. Morgan.
Large organizations were particularly vulnerable to payments fraud, as businesses with revenue greater than $1 billion reported a jump of seven percentage points year-over-year to 87 percent. Organizations with revenue less than $1 billion experienced fewer fraud attempts in 2018, down four percentage points to 69 percent from 73 percent.
Business Email Compromise (BEC) also set a record. Eighty percent of companies reported BEC fraud last year, up from 77 percent in 2017. More than half (54 percent) of organizations reported financial losses as a result of BEC, the first time since AFP began tracking this data that this number climbed above the 50-percent mark. More than three-fourths of companies are responding by adopting stronger internal controls.
"Payments fraud is a persistent problem that is only getting worse despite repeated warnings and educational outreach," said AFP President and CEO, Jim Kaitz. "Treasury and finance professionals need to learn the latest scams and educate themselves—and perhaps more importantly—their work colleagues on how to prevent them."
"It is equally important for businesses to mitigate against non-financial implications of payments fraud," said Jessica Lupovici, Managing Director, J.P. Morgan. "Businesses stand to suffer reputational risk, which can be severe, expensive and require significant clean-up efforts."
Highly targeted phishing attacks, known as Business Email Compromise or CEO fraud scams have exceeded $12.5 billion in total known losses worldwide. These social engineering attacks are used by the bad guys to impersonate your CEO, CFO, or even third-party organizations you work with.
They convince your users, often in Accounting, HR, or even IT into making wire transfers or otherIdentify how many of your users take the bait...and reply to a spoofed email before the bad guys do!
Don't like to click on redirected buttons? Copy & paste this link into your browser: