By JoAnne Sommers
Credit card fraud in Canada amounted to $440 million in 2012, according to the Canadian Bankers Association.
Internet scams, which were almost unheard of a decade ago, now account for many millions of dollars in fraud annually. Ottawa estimates that these types of incidents have increased 77 per cent since 2005.
Other sources of fraud are the result of poor security across a business, such as inadequate network and computer security and a lack of background checks when hiring employees.
Fraud hurts more than your bottom line – it affects customer confidence and reflects poorly on your business as well as your personal reputation. And because many business owners are embarrassed to admit they’ve been scammed, much of it goes unreported, says Daniel Williams, senior call taker supervisor with the Government of Canada’s Anti-Fraud Centre in North Bay, ON.
Despite the increasing incidence of fraud, it’s important to be aware that there are ways to protect yourself against it, says Mohit Veoli, associate vice president, Fraud Management, TD Canada Trust. Here are some of them:
• Protect Credit Cards and Bank Accounts
One of the most frequent sources of fraud is credit card abuse – largely because few business owners take the time to carefully review their bills or they mingle business and personal accounts.
Start by separating your personal banking and credit cards from your business accounts. This will also make it easier to track your business expenses and report deductions on your tax return.
Next, make sure you use your card wisely. Don’t hand over credit cards or card numbers to employees or companies with which you aren’t familiar. Change to online bill payments or make sure to store paper bills securely.
The fastest growing fraud is “card not present fraud” for online purchases, says Veoli. “Fraudsters will purchase things online using stolen or lost credit cards because they usually don’t require a PIN number.”
To combat this type of fraud, Visa Canada has created Verified by Visa and MasterCard has instituted SecureCode, he notes. “These programs provide another layer of security by requiring anyone who buys something online through your website to use a password before purchasing. This helps customers to feel secure and provides better protection for merchants.”
• Guard Against Cheque Fraud
While cheque fraud is declining – thanks to the overall decreased use of cheques – it still accounts for the majority of payments fraud in North America. When accepting cheques, make sure the source is legitimate: check the date, signature, amount and look for any alterations.
Try to use electronic online or credit card payment options rather than cheques and issue individual payments for each expense so everything can be tracked back to specific invoices.
Restrict access to company cheques to those who need it, says Veoli. And put cancelled cheques on a DVD, which is stored carefully. Paper can easily be misplaced and fall into the wrong hands.
• Check Your Bank Accounts
Get into the habit of reconciling your bank accounts daily and if you see something suspicious, notify the bank immediately. Your chances of recovering the funds are much greater that way.
• Prevent Hacking
Talk to your financial institution about how to protect your online accounts from hackers and phishing scams. This includes understanding what your institution will and won’t ask for by email, such as password and account information.
Limit access to your bank account data. Install, use and regularly update anti-virus and anti-spyware software and email filters on all of your business computers and encrypt sensitive data, including emails.
Backing-up is a must and will make it much easier to continue working in case of a cyber attack.
Firewalls are another essential for small businesses, especially if customer data and other sensitive information are linked to the Internet.
• Have a Password Policy
Another way to protect your IT systems is to institute a password policy. Make sure passwords are changed regularly – every 60 to 90 days is good rule.
Ensure that passwords are complex (i.e. they should contain one upper case letter, one number and be a minimum of eight characters) and use different passwords for different online and system accounts.
• Use a Dedicated Computer for Banking
Use a dedicated computer for all your online financial transactions and, ideally, ensure it’s one that isn’t used for other online activity, such as social media, email and web surfing. That makes it much harder for outsiders to gain access to sensitive information.
• Always Report Fraud
If you experience fraud immediately report it to the local police, the Canadian Anti-Fraud Centre (http://www.antifraudcentre-centreantifraude.ca/english/home.html) and your financial institution.
“Businesses don’t want to look vulnerable and, because fraudsters cover their tracks in advance, it’s often difficult to go after them. But the more information we get, the more we can make life difficult for them. And any money you can recover from the bad guys makes it less attractive to them,” advises Williams.
(This is the first of a two-part series about fraud. In the next issue: How to Control Employee Fraud)