ALEXANDRIA, Va.—NCUA has sent a risk alert to credit unions warning the industry of the rise in business email compromise (BEC) fraud schemes and potential related losses. As CUToday.info recently reported here, the Financial Crimes Enforcement Network (FinCEN) has rolled out new efforts to curtail BEC fraud.
FinCEN reported BEC scams led to more than $300 million stolen a month in 2018 – more than three times what was reported in 2016.
In its alert, NCUA explained what BEC scams typically look like and encouraged credit unions to report such fraud to the FBI's Internet Crime Complaint Center, which created a recovery asset team last year due to the significant increase in complaints and losses.
Tips to Avoid Fraud
The agency also provided tips to help credit unions prevent such fraud, which include, among others:
- Never make a payment change without verifying the change with the intended recipient
- Verify the accuracy of email addresses when checking mail on a mobile device
- Use a two-step verification process to verify wire requests with members, and use information from previously known email addresses and phone numbers rather than what is provided in the wire transfer request
- Require staff to investigate and verify changes to members' personal information or business practices of the credit union's vendors or member business accounts