At Wells Fargo, the security of your company’s financial information and your assets is a top priority. As online fraud becomes more sophisticated, so does our approach to security. Our ongoing investment in fraud protection protocols helps us protect your accounts and helps detect when they may be at risk, even as threats evolve.
- Layered security approach. We require tokens for high-risk functions such as money movement and user administration.
- Data encryption. We use advanced encryption to help protect against unauthorized access.
- Credential protection. To protect the privacy of your confidential login information, we never ask for your IDs, passwords, or token codes over the phone or through email or text messages.
- Session management. To help keep your online sessions secure, our Commercial Electronic Office® (CEO®) portal uses separate windows and never uses pop-up windows, which launch automatically and carry higher security risk.
- Product security. To strengthen your control of crucial information and help safeguard your data, we build advanced security features into our products and services. As an example, we will not release payments if they include previously confirmed fraudulent beneficiary information.
- Product offerings. We offer several fraud protection services, including ACH fraud filters for electronic debits and credits.
- Advanced technology. We use multiple methods of detecting suspicious online activity and fraud. Many of these methods are undetectable by both the users of our Internet portals and by the fraudsters themselves.
- Monitoring unusual activity. Our fraud teams actively monitor portal activity. We look for “out-of-pattern” behavior and other suspicious activities occurring at the time of login or at transaction submission, including transactions that exceed established payment limits.
- Risk evaluation. We systematically evaluate the risk associated with transactions and investigate any transaction that exceeds an established risk threshold.
- Industry partnership. We work closely with anti-phishing and anti-trojan vendors and actively share fraud forensic data within the industry.
- Law enforcement coordination. We work with law enforcement agencies to share intelligence and investigate fraud incidents that could affect our customers.
The bad news is that you can’t stop fraud attempts. Today’s embezzlers, organized crime rings, and fraudsters are opportunists just looking for an opening. If you leave a door ajar, they will find a way in and steal from you.
The good news is that you can stop thieves and help foil most fraud attempts by putting the right fraud protection program in place.
Six rules for a strong fraud protection program
Protect access credentials
Strengthen your internal controls
Educate your employees
Instruct your employees never to give out the credentials they use to access your online banking systems or accounts. Repeat this message often so it remains top of mind.
Our customers’ employees who were victims of phishing fraud tell us this happened for one of two reasons:
- They didn’t know about phishing fraud; they lacked education.
- They knew, but let down their guard; they needed to be reminded.
Remind your employees of the following:
- Do not click on links purporting to be antivirus or anti-malware software.
- Do not download files from peer-to-peer sources or other unknown sources.