Five ways to help protect your business from check fraud

Check fraud continues to pose a significant threat to businesses of all sizes, and bad actors are getting more creative and aggressive.

From check washing to email scams, these criminals have numerous tools to alter checks and it is imperative to have strategies in place to provide maximum protection.

Following are five ways to guard against fraud.

• Eliminate issuing and printing paper checks: With check washing on the rise (thieves steal checks from mailboxes then "wash" or remove the original ink, rewriting and altering the payee to themselves), companies should evaluate the way they exchange money with vendors and stop writing and mailing checks. In one recent case, a Chicago-area small business owner deposited $25,000 in vendor checks in a USPS mailbox that subsequently was broken into. Fortunately, the company's checks were not compromised but the business owner had to contact each vendor to confirm receipt.

Using electronic payments, such as ACH (Automated Clearing House) payments, virtual credit cards that exist for only one transaction, or an online, automated solution like Signature Bank's Finrails AP that facilitates business-to-business payments, can help. If you must write checks, experts suggest using a gel pen that cannot be erased with chemicals and enrolling for services like Positive Pay that help catch altered checks and prevent losses from fraudulent check cashing.

•Use Out-of-Band Authentication: Be aware of schemes that suggest a change in payment instructions and follow up on requests with another method of outreach. Out-of-Band Authentication (OOBA) enhances cyber security by using a secondary method of verification that is different from the original. For example, a vendor can request payment in an email sent via the internet and send a text message to a mobile device with a one-time verification code to confirm authentication. Secondarily, urge employees to confirm an email payment request with a phone call to the vendor, or verify a payment request made via phone with an email.

• Scrutinize the fine print: Emails from criminals look convincing but have errors that can be detected if examined more closely. Train employees to check for misspelled words, typos, and extensions that don't match that of the legitimate company (e.g. .com vs. .org). The differences can be subtle, but the consequences of providing confidential information in a response can be significant. Also, be aware of emails that use phrases like "code to admin expenses" and "urgent wire transfer."

• Get analyzed: IT firms and insurance companies provide wellness checks to evaluate cyber security. This proactive assessment identifies and eliminates threats and sets policies to prevent fraud.

• Be discreet with automated out-of-office replies: Automated out-of-office replies leave businesses vulnerable to criminals. If an employee must set an autoreply, they should not direct recipients to a specific colleague - that invites scammers to impersonate them and have a better chance at success with fraudulent monetary requests. Also, avoid announcing travel plans on social media outlets.

Guarding against check fraud is imperative for protecting businesses from savvy criminals. By proactively taking advantage of new banking technologies and providing employees with defensive strategies, companies will be less vulnerable to financial threats.

Signature Bank is Chicago's business bank, focused exclusively on serving the needs of privately owned businesses and their owners. Learn more at or contact Penny Foust at

Article Comments
Guidelines: Keep it civil and on topic; no profanity, vulgarity, slurs or personal attacks. People who harass others or joke about tragedies will be blocked. If a comment violates these standards or our terms of service, click the "flag" link in the lower-right corner of the comment box. To find our more, read our FAQ.