Premier Bank Logo
Automatic Payments for the 2021 Child Tax Credit program will begin in July. To learn more login to Online Banking.
Premier Bank Logo
Log into Online Banking
New to Online Banking?
Log into Online Banking
New to Online Banking?
Log into your Wealth account

Wire Origination Fraud

Wire Origination Fraud

Proper Procedures to Mitigate Risk


Wire Origination fraud occurs when an originator or third party generates invalid transactions using the name of the true originator. Use of the Internet and web-based wire origination systems has created this vulnerability.

We are here to help your business operate efficiently while managing the risk on digital services. Read on for our tips on preventing Wire Origination Fraud and our Fraud Prevention Checklist.

How does Wire origination fraud occur?

Perpetrators hack into the your company’s computer system using compromised User IDs and passwords and originate wire credits to “mule” accounts created for the express purpose of committing fraud.

Those accounts are then emptied and abandoned. Your company’s account is debited for the invalid wire file. The credits are usually irretrievable by the time the fraud is discovered.

Tips to Prevent Wire Fraud

  • Regularly update and patch all computer equipment used to operate Premier Bank’s Business Internet Banking wire origination software for security vulnerabilities.
  • Use and regularly update firewalls, virus protection, anti-malware protection and anti-spam protection.
  • Have one computer in your office be your sole source of access to the Business Internet Banking system.
  • Limit access to the computer which is used to house and transmit Wire data to help avoid the accidental downloading of harmful programs/viruses that could potentially compromise your transactions.

How does Premier Bank help my business combat wire transfer fraud?

Premier Bank’s Business Internet Banking makes mitigating the risk of fraud more simple for your business by providing technological advances to safeguard your digital banking experience. We offer your business peace of mind by providing some of the most comprehensive security and advanced fraud mitigation controls available.

Sign On Controls

Strong access controls are the catalyst for a secure digital banking experience. Premier Bank offers several standard and advanced authentication controls to confirm an individual’s identity prior to accessing Business Internet Banking.

Authentication_Credentials_2.png

Authentication Credentials

 

Multi-factor authentication at sign on is required for all business users and includes entry of company ID and user ID, plus password or hard or soft tokens. Premier Bank’s Business Internet Banking also requires complex passwords that include a combination of special characters, letters and/or numbers, are case sensitive and need to be changed every 90 days.

Set_Up_Authentication_2.png
Step-Up Authentication

If an individual or device (including mobile) is not recognized at sign on, our out-of-band authentication feature prompts an individual for additional information. With the entry of a code received through a secondary channel, such as voice or text message, the system provides an additional layer of authentication.

 

Session_Timeout_2.png
Session Timeout

Individuals are automatically signed off after 20 minutes of inactivity to help prevent unauthorized use.

Device_Profiling_2.png
Device Profiling

Extensive details about an individual’s network and device are automatically tracked at login. To identify potential fraud, the data is evaluated for consistency with the user's typical behavior. The results determine the next step in the sign on process and whether to require additional authentication or block the sign on.

           

User Controls

Additional safeguards are set at the individual user level allowing businesses to manage which activity and tasks select individuals can see and do.

Roles_and_Entitlement_2.png
Roles and Entitlements

Premier Bank’s Business Internet Banking offers the flexibility to customize individual access by assigning unique roles. In addition, Business Internet Banking supports entitlements for access to specific services or accounts, and submitting or approving transactions such as ACH, wires and bill payments.

Approvals_2.png
Approvals

Businesses have the option to layer additional security measures by setting various approval controls for each individual user. These include management of templates for ACH and wires, completing transactions and administrative functions.

 

Transaction Controls

Premier Banks’s Business Internet Banking provides several layers of transaction controls to provide advanced fraud protection.

Set_Up_Authentication_2-(1).png
Step-Up Authentication

In addition to the optional step-up measures at sign on, hard or soft tokens and/or out-of-band authentication may also be required for ACH and/or wire approvals. Personalized Wire PIN numbers are assigned to each individual who is authorized to send wires for verification purposes. Out-of-band authentication can also be invoked if a transaction is over a set amount.

Transaction_Monitoring_2.png
Transaction Monitoring

Premier Bank monitors activity and performs risk analysis on sensitive transactions. This optional service is available for ACH, wires and bill pay, and provides an automated layer of fraud detection that will immediately alert us to suspicious activity.

Approvals_2-(1).png
Approvals

Multiple approvals or dual control can be required for select transactions and based on transaction amount. Approvals may also be completed from mobile banking, allowing businesses to stay on top of higher-risk transactions anytime, from anywhere.

Limits_2.png
Limits

A variety of configurable limits are available for ACH, wires and bill pay. For example, daily limits can be set to a maximum cumulative amount, by account or service. Limits can be set at the financial institution, business or individual level.

 

Administration Controls

Alerts-(1).png
Alerts

Receiving notifications when a sensitive transaction takes place can make all the difference in quickly detecting fraud. Premier Bank’s Business Internet Banking offers a variety of mandatory and optional alerts to help businesses stay on top of their finances. Mandatory alerts are automatically sent for activity such as password, phone number or email changes, failed transactions, and e-statements availability. Businesses may choose optional alerts for individual profile changes, balance thresholds, template approvals, pending transfers and various bill pay activities.

Company_Administration_2.png

Company Administration

Premier Bank can provide additional peace of mind to your business by managing all administrative tasks on your behalf. This service helps businesses further minimize the risk of compromised administrative credentials being used to make unauthorized profile changes.

 

Key Takeaways for Preventing Wire Transfer Fraud

Effective_Passwords_2.png
Use effective passwords

  • Use strong passwords or password phrases that are unique to each user (i.e. specific length and character type) , specify how passwords should be kept secret and never use default passwords.
  • Require employees to change password frequently.
  • Use password-activated screensavers.

Block_Potential_Intruders_2.png
Block potential intruders

  • Restrict access to your computer for business purposes only.
  • Protect your IT system – anti-virus/spyware software and firewalls.
  • Limit or disable unnecessary workstation ports/services/devices.
  • Automatic log-outs after a certain amount of inactivity.
  • Change all vendor supplied passwords.
  • Encrypt all data when moved and when stored.
  • Install updates as soon as they are published.
  • Log off computer or device when not in use.

Restrict_Access_2.png
Restrict access

  • Limit the number of locations where Protected Information is stored.
  • Keep paper records in locked cabinets.
  • Limit employee access to Protected Information, including server rooms.
  • Take precaution when mailing Protected Information.
  • Encrypt or mask electronic Protected Information.
  • Do no store Protected Information on portable devices.
  • Transmit Protected Information over the internet in a secure session.
  • Establish an Internet Acceptable Usage Policy.

Educate_Staff_2.png
Educate Staff

  • Keep Protected Information safe and secure at all times.
  • Mask Protected Information in communications, such as phone calls, emails and snail mail.
  • Do not take financial/banking info by email alone. Implement a call back policy to confirm all banking information and changes as multi factor authentication.
  • Make staff aware of security policies in place. Make staff aware of phishing scams, via emails or phone calls.
  • Notify staff immediately of potential security breach. Establish a Clean Desk Policy.
  • Encourage employees to avoid using free web-based email accounts
  • Do not post executive email addresses publically.
  • Do not post organizational structures publically as this can be used for social engineering.
  • Report and delete all spam and suspicious phishing attempts as this can proliferate your company and email systems.
  • Do not reply to emails, but instead forward back to recipient executive as fraudsters will use misspelled emails to divert emails. 
  • Do not allow employees to access personal emails on the same computers used to initiate wires or business internet banking platforms.

 

 

Fraud Prevention Checklist

We want to minimize your down time and cost of recovery so you can stay focused on your business. Check out our Fraud Prevention Checklist.

 

Security for your Business

Talk with a Treasury Management Specialist for ways to help prevent credit card theft, check fraud and liability exposure.

Related Topics