Fraud Schemes

Fraud attacks are inevitable for most businesses, and fraudsters are getting smarter and more patient. Impostor fraud, also known as business email compromise (BEC), is a significant threat to your business. In BEC, a fraudster impersonates a vendor, a company executive, or another trusted trading partner, ultimately tricking you into making a payment to them. This kind of fraud is very hard to detect because you have been deceived into making the payments yourself.

Account takeover is another serious fraud threat, in which fraudsters use your online credentials to gain access to your bank account, “taking over” as you to make and authorize payments. The takeover can happen via malware or social engineering.

Learn about impostor fraud, account takeovers, and data breaches, and how you can protect your business.

Impostor fraud

Impostor fraud involves a fraudster posing as a person or entity you know and trust — an executive of your company, a vendor, even the IRS.  The impostor contacts you by phone, email, fax, or mail and submits an invoice or requests a payment or a change to vendor payment instructions.  If you fall for the scam, any payments you send go to the fraudster instead of where you intended.

Guidelines for a strong fraud protection program

Here are some best practices you can use to help protect your accounts from online fraud.

  • Verify your vendors’ payment instruction changes – Require all changes to vendor payment account numbers or payment type to be made in writing on the vendor’s letterhead and verified with a call to the vendor’s telephone number in your files. You should always “Verify before you initiate” and “Verify before you approve.”
  • Educate your employees – Remind your employees not to click on links purporting to be antivirus or anti-malware software, not to download files from unknown sources, and not to respond to on-screen pop-ups, especially ones asking you to enter your contact information. Ignore pop-ups seeking your online banking credentials, and be cautious of unexpected token prompts or unsolicited calls offering to assist you with unreported log-in issues.
  • Protect your access credentials – Never give out your password, PIN or the PIN + token code combination (pass code). If you receive an email, phone call, or text message claiming to be from your financial institution, asking for this information, it is likely a “phishing” attempt. Do not respond to it. Report it to your financial institution immediately.
  • Strengthen your internal controls – Implement dual custody on all online payment services (ACH, wires, instant payments, foreign exchange) and Administration services.  Update antivirus and antispyware software and firewalls regularly.

If you spot an unauthorized transaction or unusual activity, immediately contact your dedicated client services officer or call 1-800-AT-WELLS (800-289-3557).

Learn more about impostor fraud.

Account takeover

Account takeover fraud occurs when a fraudster obtains confidential information, including user IDs, passwords, PINs, and token codes. This is usually facilitated by social engineering and malware. The fraudster then uses the confidential information to access accounts and transfer money or commit other fraudulent acts.

These best practices can help fend off account takeover attempts:

  • Implement dual custody – and use it properly. Require that all payments or user modifications initiated by one user be approved by a second user on a different device.
  • Keep antivirus and antispyware software up to date.
  • Never give out your online banking credentials.
  • Don’t click on links in emails or text messages, and don’t download attachments or install programs unless you’re certain they’re from a trusted sender.

Be wary of unsolicited phone calls from individuals who identify themselves as Wells Fargo employees calling to help you with an unreported system issue. If you receive a call like this, do not follow the caller's instructions. Immediately contact your Wells Fargo bank representative.

Be cautious about unexpected token prompts during your Wells Fargo Vantage℠ session. Vantage does not prompt for a token during sign-on. Users are prompted for a token only when attempting to access high-risk payment services (such as wires, ACH, or foreign exchange) and when accessing administrative functions within Vantage. If you receive a token prompt at any point other than those described here, do not enter your token code. Immediately contact your Wells Fargo bank representative. Users who are subject to the European Union’s Payment Services Directive (PSD2) or the Hong Kong Monetary Authority’s revised E-banking supervisory expectations are required to use a token code immediately after Vantage sign-on.

Learn more about account takeover fraud.

Data breach

A data breach is an incident in which sensitive, protected, or confidential data has potentially been viewed, stolen, or used by an individual unauthorized to do so. Companies that store credit card data aren’t the only ones at risk. If your organization has personal, financial, or health data on its employees or customers, you also have what data thieves want.

Take these steps to help protect your data:

  • Encrypt data
  • Tighten physical security
  • Lock USB ports on computers
  • Ensure you have adequate IT resources
  • Conduct penetration testing

Report Fraud

Act fast and follow these important steps immediately if you think you or your company might be the victim of a fraud or attempted fraud.

Treasury Insights

Visit Treasury Insights for tips and best practices on how to help protect your organization from the threat of fraud.