Business Fraud Tips
Keep your accounts safe
Review these tips and share them with your team to help prevent fraudulent activity on your account.
Hang up and call us
Lake City Bank will NOT call, email or text you and ask for your passwords, usernames or PINs. If someone contacts you and asks for this information, hang up and call Treasury Management Support at (844) 979-7164.
Reconcile carefully—we can help
Reconcile your statements right away, and verify the amount, check number AND the payee on every check that has cleared your account. Skipping the payee step could cause your company significant losses, because fraudsters have caught on to companies that verify check number and amount only. They change the payee name and deposit or cash the check. Consider Lake City Bank’s Positive Pay with Payee Verification. You use Business Online to submit a list of checks you’ve issued, including amount, check number and payee name. We notify you when a check is presented that doesn’t match your list of authorized checks.
Don’t forget ACH
Once a fraudster has your account number (which is on every check you mail), they can initiate ACH debits to your account. ACH Positive Pay allows your company to set dollar limits and allow or block specific companies from debiting your checking account with an ACH.
Verify wire and ACH transfers carefully
Lake City Bank requires dual approval to originate ACH and wire transfers through Business Online. To avoid fraud, be sure that both approvers are fully aware of the transaction request and that both individuals verify the authenticity of the request every single time. Make it policy to never reply to an email request for a wire. Call a number you know, or physically visit the individual requesting the payment, especially if they are time sensitive (requesting the wire in a hurry is a dead giveaway that it’s a fraudulent request). Fraudsters monitor social media to see when certain employees are out of the office, then impersonate the absent employee asking for an urgent transfer, knowing full well that it’s difficult to reach them for verification.
Difficult passwords are harder to guess
We require our Business Online users to reset passwords every 90 days, helping reduce the opportunity for fraudsters to use your credentials that they may have guessed or picked up from keylogging viruses on your computer.
- Make passwords difficult to guess by using a mixture of capital and lowercase letters, numbers and symbols. Don’t use real words longer than four letters. A small phrase (without spaces) is best—like !bAsik4Urx@mpl (read as “basic for your example”). You can use a phrase like this for a year or more easily, changing in January, April, June and September by using a number to correspond with the month—1 for January, 2 for February, etc.
- Never use the same password for multiple sites, especially if you log in from different places. If you log in from a personal computer at home that happens to have a keylogging virus, then the fraudster now knows your work password!
And in general
Make sure that all of your computers (desktops, laptops, tablets, etc.), servers, and networks are using the latest software with all security patches installed. Use a known Virus/Malware protection for each computer, server and network, and verify that definitions are installed and updated continuously. Using the latest software definitions and patches helps reduce the possibility of fraudsters gaining access to your systems. When you receive emails that contain attachments or links to external sites that you were not expecting, be cautious before clicking the link or opening the attachment—it’s the top method fraudsters use to compromise your system.