A staggering 71% of finance professionals reported that their companies were victims of payment fraud in 2021, according to the 2022 Association for Financial Professionals (AFP®) Payments Fraud and Control Report, once again demonstrating that no industry is immune. In 2021, checks and ACH debits were the payment methods most impacted by fraud activity (66% and 37%, respectively).
A commercial card solution for B2B payments can help lower your risk of fraud by providing safeguards that protect against possible fraud. Built-in controls like chip technology, customizable merchant category code (MCC) restrictions, spend limits and cash access constraints reduce the ways in which criminals could misuse your cards. If suspicious use occurs, fraud alerts enable cardholders to quickly validate legitimate transactions or confirm fraudulent activity.
In addition to leveraging these built-in features, your organization can reduce the risk of fraud by becoming familiar with the latest scams and taking additional steps to protect your commercial card program.
Given the prevalence of fraud, it’s critical for companies to stay one step ahead of potential threats. Below are common scenarios for commercial card fraud attempts.
Urgent or persistent requests from senior leaders should raise suspicion
A fraudster spoofs an executive’s email account and sends an employee an urgent request to purchase multiple high-value gift cards
Verify any requests to ignore protocol or appeals for confidentiality
The fraudster presses the employee to activate the cards in-store, scratch off the claim code on the back to reveal card numbers and email a photo of the cards with all numbers visible
Make sure email addresses match your organization's standard email domain
The employee completes the request without reviewing the fraudster’s email for irregularities—such as an incorrect email address or poor grammar—or validating it internally
Validate fund requests by calling requestors at established telephone numbers on file
Money on the cards is quickly depleted by the fraudster and the organization bears the full loss
Account takeover is a similar scheme to BEC in which a criminal gains access to account information and poses as the cardholder. This type of fraud may take longer to notice and result in a greater loss.
Skimming devices can be placed unknowingly on a merchant terminal to capture card information when you swipe.
Using a contactless card helps reduce the chances that you’re defrauded by a physical skimming device. Or, add your commercial card to your mobile wallet for easy, tap-and-go payments that provide additional defense against fraud with payment tokenization.
J.P. Morgan commercial cards utilize chip technology that assigns a unique code to each card transaction and makes it harder for thieves to skim your data.
When a merchant falls victim to a data breach, your cardholder data could be accessed and stolen.
Encrypt all sensitive data at rest, limit user access to your account and implement card controls, including MCC restrictions and credit and cash limits; enroll to receive fraud alert notifications via SMS text message, email or phone.
We can send real-time text, email and voice alerts when we suspect fraudulent use of your account. Make sure your cardholders sign up to receive notifications.
Fraudsters can gain access to account numbers and personal data through phony links that trick you into providing information.
Be on the lookout for warning signs like a vague or incorrect email address, poor grammar, urgent language, requests for personal information and improper use of logos or graphics.
Learn more about best practices to defend against phishing attempts.
Your personal information is vulnerable when browsing online, especially over an unsecured connection.
Avoid free, unsecured Wi-Fi connections; choose strong passwords and update them frequently or use a password manager; conduct regular employee training on adhering to policies.
Our Fraud and Cyber experts constantly monitor the evolving threat landscape and take steps to verify client identity to help protect your account.
A virtual card payment solution—like J.P. Morgan’s Virtual Cards —enables an even higher level of security that can reduce vulnerability to evolving scams. In fact, J.P. Morgan virtual cards experience nearly 0% fraud1 when compared to other electronic payment solutions.
In addition to supporting MCC limitations, virtual cards put you in control of your payments with:
As fraud attempts continue to grow, it’s important for your organization to remain vigilant with prevention efforts. Educate your employees to recognize red flags and optimize your payment strategy to help reduce your risk and avoid costly mistakes.
Learn more about our Commercial Card solutions, including Virtual Cards, or contact us to start a discussion.
© 2022 JPMorgan Chase & Co. All rights reserved. JPMorgan Chase Bank, N.A. Member FDIC. Visit jpmorgan.com/cb-disclaimer for disclosures and disclaimers related to this content.
1 Fraud rate of 0.0005%, J.P. Morgan proprietary data, 2021