The banking industry is seeing an increasing number of fraud attempts on businesses. Based on the latest scammer tactics, we recommend the following actions in order to avoid falling victim to a scam attempt on your business:

  • Review your usernames. Simplistic usernames such as first initial or first name, last name are easily exploited and used to try to gain access to your accounts using the "forgot password" feature.
  • Review the list of admins on your accounts and update as necessary.
  • Educate employees to ensure they are able to identify phishing, vishing, and business email compromise attempts.
  • Review procedures to ensure you have dual controls in place. It is recommended that you have dual approvals for both transactional and non-transactional activities, such as creating new digital banking users.
  • If you do not currently use Positive Pay, we encourage you to talk to your banker about this financial fraud prevention solution at your earliest convenience.

A Common Scam Scenario


The fraudster may be contacting authorized employees posing as someone from your bank (even spoofing the phone number so the caller ID or email address appears to be from the bank), requesting confidential information such as account numbers, social security numbers, debit/credit card numbers, or PIN. The scammers may also be requesting digital banking login information (username and/or password), stating that this information is needed to “reset” your online banking account due to fraud, or may be telling customers to stay on the phone while they send a text message with a one-time passcode needed to verify if the phone number on your account is correct. Once the caller or texter has been provided the passcode, they are able to reset the username and password in online banking and gain complete control. 
 
REMEMBER - your bank will never contact you to request personal information over the phone, text, or email. If you receive a call or text of this nature, hang up immediately and call using the phone number on the website to report the incident.

Red Flags to Watch Out For in Emails, Texts, or Unsolicited Phone Calls

  • They ask you to open a link
  • They use urgent or fear-inducing language
  • They send an attachment
  • They request personal info like PINs, passwords, or social security numbers
  • They pressure you to log into, or send money with, payment apps

If You Think You've Been Scammed


If you are a CrossFirst Bank client and have received such a call, text, or email, and provided your information in error, please call (844) 990-6190 immediately to report the incident.

Conclusion


Financial fraud poses a significant threat to businesses. By learning about some of the most common fraud scenarios, organizations can significantly reduce their risk of falling victim to these crimes. Remember, vigilance and education are key components in safeguarding your business's financial integrity.