Fraud Schemes

Learn about imposter fraud, account takeovers, and data breaches, and how you can protect your organization

Fraud attacks are inevitable for most businesses, with fraudsters getting smarter and more patient. Imposter fraud, also known as business email compromise (BEC), is a significant threat to your business. In a BEC scheme, a fraudster impersonates a vendor, a company executive, or another trusted trading partner, ultimately tricking you into making a payment to them. This kind of fraud is very hard to detect because you have been deceived into making the payments yourself.

Account takeover is another serious fraud threat where fraudsters steal your online banking credentials – typically using malware or social engineering – then use them to gain access to your bank account to make and authorize payments.

Imposter fraud involves a fraudster posing as a person or entity you know and trust — for example, an executive in your organization or a vendor.  The imposter contacts you by phone, email, fax, or mail and submits an invoice or requests a payment or a change to payment instructions.  If you fall for the scam, any payments you send go to the fraudster instead of where you intended.

Guidelines for a strong fraud protection program

Here are some best practices you can use to help protect your accounts from imposter fraud.

  • Verify requests from vendors for payments or payment instruction changes – Require that all requests from vendors for payments or payment instruction changes be verified using a different communication channel than the one used to make the request. For example, emailed requests should be verified with a call to the vendor using the contact information in your own files. You should always “Verify before you initiate” and “Verify before you approve.”
  • Educate your employees – Remind your employees not to click on links purporting to be antivirus or anti-malware software, not to download files from unknown sources, and not to respond to on-screen pop-ups, especially ones asking them to enter contact information. Ignore pop-ups seeking your online banking credentials, and be cautious of unexpected token prompts or unsolicited calls offering to assist with log-in issues you have not reported.
  • Protect your access credentials – Never give out your password, PIN or the PIN + token code combination (pass code). If you receive an email, phone call, or text message that claims to be from your financial institution and asks for this information, it is likely a “phishing” attempt. Do not respond to it. Report it to your financial institution immediately.
  • Strengthen your internal controls – Implement dual custody on all online payment services (ACH, wires, instant payments, foreign exchange) and Administration services. Update antivirus and antispyware software and firewalls regularly.

If you spot an unauthorized transaction or unusual activity, immediately contact your dedicated client services officer or call 1-800-AT-WELLS (800-289-3557).

Account takeover fraud is when a fraudster obtains confidential information, including user IDs, passwords, PINs, and token codes. This is usually facilitated by social engineering and malware. The fraudster then uses the confidential information to access accounts and transfer money or commit other fraudulent acts.

These best practices can help fend off account takeover attempts:

  • Implement dual custody – and use it properly. Require all payments or user modifications initiated by one user be approved by a second user on a different device.
  • Keep antivirus and antispyware software up to date.
  • Never give out your online banking credentials.
  • Don’t click on links in emails or text messages, and don’t download attachments or install programs unless you’re certain they’re from a trusted sender.

Be wary of unsolicited phone calls from individuals who identify themselves as Wells Fargo employees calling to help you with an unreported system issue. If you receive a call like this, do not follow the caller's instructions if they ask you for your log-in credentials. Immediately hang up and then contact your Wells Fargo bank representative.

Be cautious about unexpected token prompts during your Wells Fargo Vantage® session. Vantage does not prompt for a token during sign-on. Users are prompted for a token only when attempting to access high-risk payment services (such as wires, ACH, or foreign exchange) and when accessing administrative functions within Vantage. If you receive a token prompt at any point other than those described here, do not enter your token code. Immediately contact your Wells Fargo bank representative. Users who are subject to the European Union’s Payment Services Directive (PSD2) or the Hong Kong Monetary Authority’s revised E-banking supervisory expectations are required to use a token code immediately after Vantage sign-on.

A data breach is an incident in which sensitive, protected, or confidential data has potentially been viewed, stolen, or used by an individual unauthorized to do so. Companies that store credit card data aren’t the only ones at risk. If your organization has personal, financial, or health data on its employees or customers, you also could be a potential target for cybercriminals.

Take these steps to help protect your data:

  • Encrypt data
  • Tighten physical security
  • Lock USB ports on computers
  • Ensure you have adequate IT resources
  • Conduct penetration testing

Report Fraud

Act fast and follow these important steps immediately if you think you or your company might be the victim of a fraud or attempted fraud.

Commercial Banking products and services are provided by Wells Fargo Bank, N.A. and its subsidiaries and affiliates. Wells Fargo Bank, N.A., a bank affiliate of Wells Fargo & Company, is not liable or responsible for obligations of its affiliates. Deposits held in non-U.S. branches are not FDIC insured. Products and services require credit approval.

Wells Fargo Bank, N.A. Member FDIC. Deposits held in non-U.S. branches are not FDIC insured.
