The past year saw an explosion in the number of employees working from home, and many are expected to remain there. Seventy-four percent of chief financial officers expect some of their employees to continue working remotely for the foreseeable future, in fact, and 81 percent of workers currently settled into their virtual offices have no plans to return to brick-and-mortar ones.
Remote work may be here for the long haul for many companies, but successfully adjusting to this development requires a subsequent shift in businesses’ cybersecurity strategies. Unfortunately, fraudsters are also interested in the rise of remote work, looking for any gaps in businesses’ security measures that could allow them to slip in and skim money or data from firms. Both external hackers and malicious employees are looking to prey on companies making this jump. Phishing and ransomware attacks are up, for example, while 48 percent of companies noted a rise in employee embezzlement since March 2020.
In the May Preventing Financial Crimes Playbook: A Guide To Overcoming Commercial And Corporate Payment Fraud, PYMNTS examines how the ongoing expansion of remote work is creating cybersecurity challenges for companies as well as how implementing robust fraud prevention tools and features can help them keep out fraudsters — both external and internal.
Around The Payment Fraud Space
Businesses whose employees are now working from home are getting hit on all sides by fraudsters — including bad actors lurking among their own employees. External and internal fraudsters represent near equal threats to businesses, with external attackers representing 39 percent of bad actors to employees account for 37 percent. Collaboration between these two groups is also becoming more common as well, with approximately 20 percent of the current fraud faced by businesses coming from partnerships between internal and external attackers. This means that guarding against internal fraud should be a critical aspect of companies’ cybersecurity strategies, especially as remote working continues to be a part of the corporate landscape.
Many companies are also concerned that their remote workers could leave them more vulnerable to fraud in general. Fifty-eight percent of firms in the United Kingdom believe employees working from home will leave them open to data breaches, for example, and 35 percent of IT decision-makers believe remote workers have already knowingly put sensitive data at risk. It is important for companies to educate their workforce regarding popular fraud schemes as well as implementing tools or solutions that can better protect their sensitive information from malicious internal and external bad actors.
Business email compromise (BEC) — in which fraudsters use stolen credentials to mimic legitimate company executives or vendors in an effort to obtain money or data — attempts are turning into significant threats for companies during the great shift to remote work. The FBI’s Internet Crime Complaint Center (IC3) recently issued a warning about these attacks to U.S. businesses, noting that it had received reports of 365 BEC scams from victims in the state of Arizona in 2020. These victims lost a combined total of $30 million to BEC fraud, which shows how essential it is for businesses to safeguard their operations from these kinds of attacks.
For more on these and other stories, visit the Playbooks’ News & Trends.
Why Companies Must Adjust Their Fraud Protection Strategies For Remote Work Life
Businesses moved swiftly to comply with the public health and safety guidelines that have shuttered brick-and-mortar offices for the past year, adjusting to a world in which most of their employees now work from home. The expansion of remote work nevertheless exposed some of the cracks in companies’ traditional cybersecurity and fraud prevention strategies, Leon Brockway Jr., information security officer at Tompkins Financial Corporation, explained in a recent PYMNTS interview. To learn more about why businesses must revamp their fraud protection strategies for the emerging remote working world and how technologies such as multifactor authentication can help, read the Playbook’s Feature Story.
Deep Dive: Why Automation Is Key To Helping Remote AP Teams Take On Fraud
Seventy-eight percent of CEOs believe remote work models are here to stay, meaning it is critical for their companies to adjust what have typically been in-office activities to their current remote work realities. Fraudsters are also eyeing this shift, however, and are moving to target businesses’ weak points as they adjust their accounts payable (AP) and accounts receivable (AR) processes to accommodate remote workers. To learn more about how implementing technologies such as automation can keep remote employees and processes safe from fraud, visit the Playbook’s Deep Dive.
About The Playbook
The Preventing Financial Crimes Playbook, a PYMNTS and Bottomline collaboration, examines how corporate and commercial payment fraud is evolving, the most significant fraud risks faced by businesses and which technologies or solutions could be employed to best protect against fraud.