鈥溌槎勾 Talks鈥 hosts top professionals from different sectors of the lumber and building material industry to share their expertise, with a heavy emphasis on practical, tactical strategies to help you serve your markets and grow your business.
Join 麻豆传媒 Talks host, Thea Dudley, as she brings her razor-sharp expertise to dissect trends, regulatory changes, and offers real-world advice for credit professionals. This week, Thea discusses fraud, a huge challenge for businesses around the country. In this episode, Thea breaks down the Payment Fraud and Control Survey shared by the Association of Financial Professionals and Truist Bank to help you understand your risk and ways to prevent it from happening in your company.
Subscribe and stay up to date as we add more experts on key topics. Listen now and subscribe via your favorite podcast provider below:
听
Prefer to read about it instead? Take a peek at the transcript below for Episode 2: The Probability of Experiencing Fraud + Ways to Minimize Risk.
(Editor鈥檚 note: Transcript is AI-generated and may include some errors.)听
鈥淗ey everyone. Welcome back to another edition of 麻豆传媒 Talks Credit. This is the only podcast you can go to to talk about trade credit, specifically to the lumber and building material space. I鈥檓 Thea Dudley, your host, also known as the Credit Overlord, and we are kicking off another edition talking about fraud. Now, for those of you that haven鈥檛 tuned into us before, this is all things trade credit, whether it鈥檚 processing credit apps, AR management, collections, you know, whether you鈥檙e a beginner, whether you鈥檙e a seasoned professional, we have something for everybody. And although we love putting out the webinars once a month, I love doing those webinars with you. You guys come up with some amazing topics, and you come up with some great questions along with the credit advice column. Love getting your questions on those.
But let鈥檚 face it, sometimes you can鈥檛 wait for a column or for a webinar. You need to talk about what鈥檚 happening right now, and fraud is so timely. So this is a huge challenge for credit professionals, not only in our space, but for everybody across the country. I don鈥檛 know one business that鈥檚 not affected by it. So one of the things I look forward to every year, I, if this is what I yeah, I鈥檓 embarrassed, almost embarrassed to say that I look forward to this every year, because it makes my world sound so small and so tall. I gotta get some better hobbies.
Right around the second week of June, the payment fraud and control survey comes out, and the Association for financial professionals puts this out, and they do it in conjunction with truist bank. And this report鈥檚 been done for the last, I think, 20 years. 5000 Treasury professionals participate in it. And so it really has some great consistency, and you can kind of see the trends year over year. And so you鈥檝e got stuff to compare it to. I love when surveys come out, but I always want to know, okay, what鈥檚 happening? What was the year before? What was it five years is there a trend? Is this cyclical? Same reason that I like tracking KPIs, I like seeing what the DSO is doing, you know, year over year. But I digress. Let鈥檚 talk about the highlights from this particular survey. So 80% of organizations reported that they had payment fraud attacks or attempts of some type in 2023 that鈥檚 a 15% increase from the year before. I think that鈥檚 a ton. Sally, you really 15% that鈥檚 a lot.
Okay, for those of you that don鈥檛 know and have never met Sally. Sally is our producer here for 麻豆传媒 Talks Credit. She does an amazing job, and she鈥檚 new to credit. She鈥檚 new to ours. By fact, she doesn鈥檛, she鈥檚 learning a lot about credit that she didn鈥檛 really want to know. So I鈥檓, you know, I鈥檓 trying to channel her in a credit professional. And then, you know, maybe we can. We can actually, I think Rick could kill me if I, if I turned you into a credit manager. But girls got a hope. Girl鈥檚 got a dream. So 15% seems like a lot, doesn鈥檛 it? Yeah, I just I 15% is amazing, and checks continue to be the most vulnerable to fraud. Now you all remember check fraud, especially when there was, like, check washing. Someone would steal a check out of your mailbox. They would wash it, you know, kind of it goes through, like a little solution, takes off the ink from it, and they let it dry, and then they can repurpose it and make checks for stuff you did not know you wanted to pay for.
So 65% of the respondents to this survey reported that their organization had check fraud. That鈥檚 65% that鈥檚 over half, those are not those are not good odds. Anything that鈥檚 more than half is bad. So it continued to go on with fraud due to inter interference by the post office. I love how we politically corrected that interference by the post office is up 10% so that鈥檚 somebody stealing out of a post office box your mailbox. Could be a letter carrier. Could be somebody in the post office, but when they say interference, a lot of times, they don鈥檛 tell you exactly where the interference is coming from. We鈥檙e gonna talk more about that.
20% of respondents in this survey said that they had some type of fraud going on with this. They had experienced some type of interference with the post office, so whether that was it being taken out of a mail drop or their own mailbox out front. And I know I sound like a broken record, I keep talking about get a payment portal, pull a credit report. I know that everybody thinks I鈥檓 employed or I have, like, a side gig going with the credit reporting agencies, but a portal is probably not probably a portal is the best way to combat a lot of these frauds, and we鈥檙e going to talk. We鈥檝e only topped up the tip of the iceberg on this, so let鈥檚 talk a few more highlights. I. So for the first time in history of this survey, ACH payments surpassed wire, you know, wire fraud as the most vulnerable type for BC fraud. And BC is just business email fraud. So now you only you have old school fraud, like, you know, stealing out of your, you know, your post office box, but now you have, like, a little more high tech now we鈥檙e stealing through email. And you guys know what I鈥檓 talking about. It鈥檚 you get a suspicious email. You don鈥檛, you kind of look at it. You鈥檙e like, Oh, somebody鈥檚 asking me via email. One of our customers is asking me to change. You know how we do something? Or somebody within our company is saying, Hey, we鈥檙e changing the routing on this and you don鈥檛 check it out, maybe you don鈥檛 catch it. Or somebody hacks into your email and start sending out stuff to your customers, saying, Hey, we鈥檙e suddenly changing something. This is where you need to send your payments now. So ACH is surpassed wire fraud as far as this goes. And even as most payment methods continue to be vulnerable to business, email fraud, you know, BC payment made via ACH, 47% and wire transfers, 39% are the most targeted.
So it鈥檚 easier for someone to get you to switch an ACH because, you know, let鈥檚 face it, everybody鈥檚 busy. I know we should all be like watching for phish, phishing, smishing, all kinds of issues. But it does get overwhelming. Not only do you have to know what鈥檚 happening in credit, you have to know payment, collections, mechanics liens, joint checks, you鈥檝e got to deal with collecting money now you have to look at every single email that comes in and eyeball it to see if there鈥檚 a dot where it shouldn鈥檛 be, or somebody鈥檚 name is slightly misspelled. But most of us, we look at something, your eye kind of glazes over it. You don鈥檛 really notice that that, that, you know, BEC fraud is happening, so you have to be constantly vigilant on it, and you know, kind of see what鈥檚 going on. But 47% of Ach, according to this survey, was vulnerable, you know. So it was up almost what eight, 9% from what wire transfers were, and of the organizations that were victims to payment fraud in 2023, 30% were unsuccessful in recovering funds due to fraud. So 30% now, okay, I understand that you鈥檙e like, Okay, well, 70% were successful, okay, but 30% that does not feel good when you鈥檙e in that 30% that costs a lot of money. That doesn鈥檛 even count your bad debt.
So now you all now you have bad debt to worry about, but now you have thievery. So you know, on an up note, 41% of organizations were successful in recovering at least 75% of the funds that were stolen from them. You know when? Or they say funds lost, honey, they weren鈥檛 lost. They were stolen. I nobody lost them. You know, it鈥檚 not as common anymore to hear, Oh, we lost a check in the mail. It鈥檚 like, I have a solution for that. You could have just paid me on my portal, and we could have gotten around all of this.
The other thing too is, if you鈥檙e seeing like a business email, it鈥檚 that that BEC fraud. It鈥檚 really hard to do that fraud through a portal. And you know, I鈥檓 going to grab one of our, one of our portal contributors, and, you know, kind of have them talk about a few things there, but we鈥檒l save that for another episode. But you know, that鈥檚 our bright note. Our bright note is 41% of organizations were successful in getting at least 75% so less than half got more than half. I don鈥檛 really like those odds. I might, I might as well just go to Vegas and gamble the company鈥檚 money. So that鈥檚 our that鈥檚 our bright note. Less than half of the organizations impacted. So if that鈥檚 not depressing enough, that鈥檚 not enough to make you go, I鈥檝e never everybody just, everybody just needs to pay me. COD, the post office is not a secure bet for mailing your checks.
I know I kind of alluded to that earlier in this podcast, but on July 11, news came out that two former postal workers abused their positions to allegedly, and let me quote this, allegedly pull off one of the biggest thefts at JFK International Airport. So the charges allege that there were, you know, five defendants stole, sold and fraudulently deposited millions of dollars in US Treasury checks, which, you know, included, you know, pandemic relief and some other like IRS payments for their own benefit. So of those five, two were former postal workers, so they knew how the system worked and how to get in it. There was also a case in Montgomery, in Montgomery where a formal postal service and. Employee was convicted of stealing checks and documents from the mail like okay, and then in the Houston area, another case involved a man who stole mail, including checks from us, postal services, collection boxes. Now he was sentenced to federal prison for possession of stolen and aggravated identity theft. But whether it鈥檚 the post office or somebody outside of the post office stealing your checks, it I want to cut that whole section out of this process. It鈥檚 like, if I could just take the post office out of my business, that would be great. I want to do everything via portal. And I know that sounds contradictory to what I just said about email fraud, but if I have a portal in place, there would be no reason for even if somebody got an email from us that said, Hey, we鈥檙e changing our routing. It鈥檚 like, well, I can go into your your portal and see that nothing has changed. I can see that everything is still going. I want to be able to put a link out there, whether it鈥檚 Ach, whether it鈥檚 credit card, and I, I hear you on the credit card. I know that 3% is a lot to give up, but you know, let鈥檚 can we? Can I roll you back to these numbers where 41% less than half recovered 75% and that was our bright note.
So one way or another, you鈥檙e going to pay or Well, we haven鈥檛 experienced fraud, so it鈥檚 okay. It鈥檚 like, well, it鈥檚 okay. Now it鈥檚 a lot different story when it turns out that it was you that got stolen from. It is a beast to collect from. You know, I was involved with a company where we ended up having almost half a million dollars stolen, and it took two years about 1000 man hours. And yes, we did recover about 18,000 all, but $18,000 of it. But at what cost you have all those employee man hours your care? You鈥檝e got this blanketed bunch of money for, you know, two years. So the value of your money, even though it was great to get it back with no help from the post office, no help from federal government, so the more I can do to cut anybody, any third party, out of that that has hands in place, portals or like little robots, they just go right through. So now that I鈥檝e depressed everybody, and I think everybody鈥檚 kind of like, okay, I鈥檓 going to start day drinking, because this is now my job. What can you do? I know I just harped on you to utilize payment portals for all customer payments that you possibly can preferably something with two factor authentication so that it makes it Hey, they have to log into the portal to be able to see their account. It鈥檚 not just hey, I鈥檓 sending you this so somebody can you know, you鈥檝e got that extra layer in case you do get hacked.
So pay close attention to emails that request change banks, routing numbers, changes to payments, all of those things should be a clue. I know everybody鈥檚 busy. I know it鈥檚 I鈥檓 not going to say that you鈥檙e going to catch every little thing, but the more vigilant you can be, the more alert and the more suspicious. Anytime someone asks me to change something like that, it鈥檚, Hey, that鈥檚 not that鈥檚 not normal. Why are we doing that? It seems out of the blue, and most of the time a company will call you, or something will come out on a company letterhead, and they鈥檒l talk about, hey, we鈥檙e changing. We鈥檙e moving from pushing out checks to ACH. We need you to log in and authorize your account or set up your account. They鈥檙e going to be asking for something. There鈥檚 going to be something on their letterhead. They鈥檙e not just going to send out some random email. Random email. So pay close attention to any details in those emails. Normally, a random email is not how companies roll out changes for banking or payment request habits. Check the email address that the email came in from, really close when you read say, you do get something like that. Look at it. You can see those ones. I think everybody gets those ones from, Hey, your package is being delivered. And you know, it鈥檚 like, Oh, I鈥檓 getting a package. You didn鈥檛 order something. You know, you鈥檙e not getting a package. So don鈥檛 click on the invoice. Don鈥檛, you know, automatically respond. It鈥檚 that鈥檚 not happening. So check where it鈥檚 coming from closely. Fraudsters change little details, and they usually have spelling errors. It鈥檚 like, okay, if you鈥檙e going to, if you鈥檙e gonna BS, me, could you get a thesaurus or a dictionary and maybe, you know, turn a phrase a little better? Or spell check. You know, Microsoft has spell check.
Everybody has it consistently. Review your AR for past dues. You can find out if somebody who has suddenly paid on time, and they鈥檝e been going along just great, and now they鈥檙e late, that could be a missing check, and the sooner you identify that, the better. So if you call somebody, you鈥檝e got a customer, you call and you鈥檙e like, hey, you know, normally you guys pay right around this time. I haven鈥檛 seen anything. I鈥檓 just asking because we鈥檝e, we鈥檝e experienced some fraud, I know. There鈥檚 a lot going out there. I鈥檓 just trying to be vigilant. So a lot of times when you disarm somebody and you tell them, hey, I鈥檓 not done in you. I鈥檓 not hey, you鈥檙e one day past due. What the heck鈥檚 going on here? I鈥檓 just trying to stay on top of things. You guys normally pay around this date you鈥檙e running, you know, four or five days late. This is not normal for you. You know, I鈥檓 just a little concerned. And if you don鈥檛 have cybersecurity training programs for your employees, for your back office processes, you need to maybe consider not maybe you need to consider doing that. It is a small price to pay, to invest, to educate your employees. It鈥檚 got to be consistent, consistent, and you鈥檝e got to have conversations about this type of situation with your employees, with your team, so they know what to watch for. And taking a couple of extra minutes to double check the email, double check the message, you know, hey, send it to your IT department. This looks suspicious. I hate to sound like a, you know, like a paranoid or I think everybody鈥檚 out to get me, but I鈥檇 rather be safe and waste a few minutes of its time than to have the whole company go on. Thanks a lot. Thea whole company shut down. We can鈥檛 get back up for weeks, and now our system鈥檚 been hacked because you had to click the button, or we lost a bunch of money because you ended up changing some things that you shouldn鈥檛 have.
So always ask questions. No one鈥檚 ever gonna get mad at you for that. And then there are firms out there that will push training out quarterly with testing to educate your team. And in those situations, you know, you hire them, they deploy training once a month. You know, little scenarios. They make you pick out what you think looks like the fake email, and then they go ahead and let you know, Hey, did you pass or fail? And if you failed, you鈥檙e going to be taking that test to get a bunch so speaking from personal experience, you know, if you turn it on and you don鈥檛 really listen to it and you just try to click the answers, they catch on to you.
So those are some things you can do to minimize the fraud. But it is. It is out there. It鈥檚 powerful. And we didn鈥檛 even touch on a lot of credit card fraud in this and we鈥檙e seeing that on a level, you know, all over the country, with cod customers, customers coming into branches, and they, you know, maybe they put down a credit card. You run it. Maybe it鈥檚 a customer you鈥檝e never seen before. It鈥檚 some guy you know XYZ houses. He comes in, he鈥檚 like, Here鈥檚 my card. You don鈥檛 ask for any type of ID. You just take everybody鈥檚 busy. You take the card. You just assume this, Hey, his boss sent him in with something. It鈥檚 not my card. My boss sent me in here to buy something. If you鈥檝e never heard of them before, and they鈥檙e taking materials, or they鈥檙e having it delivered, and, you know, next thing you know, a week goes by, somebody files a credit card discrepancy report. Hey, I didn鈥檛, I didn鈥檛 buy it, you know, and buy $15,000 worth material from, you know, this yard over here, and then you鈥檝e got fraud happening.
So credit card fraud has been really big, so just keep your eye out for that as well. That is our episode for this particular week. And on behalf of Sally and I, please tune in for our next one, which should be in about we鈥檙e running about every two weeks. Stop in, send your questions, anything you want to know, anything that鈥檚 going on in our industry, we are happy to review it with you. This is 麻豆传媒 talks credit. I鈥檓 Thea Dudley, your host, also known as the credit Overlord, and we will be talking to you next time about trade credit in the building material space. Until then, happy collecting.鈥
