PNC Protect

Fraud Prevention Tools – ideas and solutions that can help your company protect itself from cybercrime and payments fraud.

Safeguard Your Company Against Fraud

In recent years, the threat and occurrence of cybercrime and payments fraud has soared.
It continues to be a major challenge for businesses and banks alike
— regardless of size, geography, industry or sophistication.

Moreover, with the advent of new and diverse digital payment channels, experiences and even currencies, comes the unintended consequence of new and inventive opportunities for fraudsters to advance and refine their evolving and relentless payment diversion scams in an effort to maintain their lead.  

At PNC, we want to make you aware of ongoing threats and trends, as well as the solutions and tools that can help protect your company from the harmful effects of payments fraud. 


Common Attack Vectors

While fraudsters employ various means to infiltrate or exploit their targets' networks, systems, protocols or personnel, two of the more common threat vectors are malware and social engineering. Both form the basis of many payments’ fraud scams. 

Social Engineering

The act of fraudulently manipulating people into performing actions or divulging confidential information. Social engineering scams typically align to two primary email communication variants:  

  • Business Email Compromise (BEC), whereby a fraudster uses identity deception tactics like domain name or spoofing to trick the target into taking action; here, the attacker pretends to be a source known or trusted by their target
  • Email Account Compromise (EAC), whereby a fraudster hacks an individual’s personal email account and uses it to send legitimate messages to targets either known or trusted by the source; here, to their target, the attacker actually is a known or trusted source

Year-over-year, the occurrence and frequency of BEC/EAC fraud and its associated losses have steadily grown and remain incredibly high; in fact, between 2014 and 2020, aggregate losses due to this scheme have increased by more than 3,000%.[1]

There were $6.2B+ in aggregate BEC/EAC losses between 2015 and 2020.



Software or code that, once downloaded to a PC or mobile device, can be used to steal information, exploit system vulnerabilities, compromise access to data, and cause other damage or detrimental effects.

Fraudsters deliver malware through:

  • Phishing – unsolicited email containing an attachment or weblink that, once opened/clicked, installs the malware
  • Smishing – unsolicited text message containing an attachment or weblink that, once opened/clicked, installs the malware
  • Vishing – unsolicited telephone call purportedly from a legitimate company requesting personal and financial information and/or online login credentials

An additional tactic that fraudsters employ is Pharming, whereby malware is used to automatically re-direct a legitimate website’s traffic to a bogus version of that site for the purpose of harvesting credentials to steal information and/or facilitate a payment.

The Stark Reality of Fraud Domestically

When it comes to cybercrime and payments fraud, every organization is a target, and none are naturally immune to its potential effects. The question isn’t whether your organization will face these threats; rather, it’s when and to what effect with respect to potential or actual financial harm.

A quick look at the stats:[2]

  • 34% – Organizations that experienced actual losses from BEC in 2020
  • 66% – Organizations reported to be affected by a fraudulent wire transfer
  • 39% – Organizations reported to be affected by a fraudulent check payment

Learn More about
Cyber Security

Cybercriminals are constantly looking for ways to perpetuate payments fraud. Recognize the warning signs of common fraud schemes and take appropriate actions to protect against its threats.

Download Cyber Security Guide »


Organizations were targets
of an attempted or actual
payments fraud attack in 2020 [2]


Total reported
domestic losses due
to BEC/EAC in 2020 [3]


Organizations were targets
of an attempted or actual
BEC attack in 2020 [2]

PNC Fraud Prevention Solutions & Tools

As a PNC corporate client, you enjoy convenient access to a variety of effective and reliable tools that can help you limit losses from cybercrime and payments fraud.

Our product and solution professionals can work with you to understand your company’s needs and recommend specific services and optional service features to help your company enhance its fraud prevention posture. Below are just some of the services that we offer:


What It Is


A service that allows you to verify the existence of a U.S. bank account, gain insight regarding its status, standing and maturity, and authenticate its ownership or signatory authority.

How It Can Help You

A service that matches checks presented for payment against your company’s check issue file; “exceptions” are presented to you for a pay/return decision through PINACLE®, PNC’s top-rated corporate online and mobile banking platform. 

  • Ability to view digitized images of exception items
  • Quickly identify checks that are inconsistent with the data your company provided
  • Access to easily decision exception items

A service that allows you to monitor and control ACH debit activity by establishing “rules” that filter the ACH debits coming into your account(s). Using PINACLE, you can review “suspect” ACH debits and determine whether to return them as “unauthorized.”

  • Automatically block or flag as suspect incoming ACH debits that meet criteria as pre-defined by your company
  • Access to easily decision suspect items and create/modify filtering rules on an ongoing basis

A service that restricts any ACH debit transactions from posting to an account.

  • Returns fraudulent or otherwise unauthorized debits from posting to your account without the need for manual oversight or intervention

A service that provides intraday information to help you monitor activity within your accounts.

  • Enables you to monitor intraday activity within your company’s accounts
  • Allows you to quickly identify transactional anomalies for immediate research and escalation


A service that allows you to subscribe to receive notifications about key activities within PINACLE that can be delivered to the PINACLE Message Center, or directly to you via email or text message. 

  • Immediately alerts you as to payment-related entitlement changes and authentication activities

A software application that provides an additional layer of security designed to help protect your login credentials, including your PINACLE Company ID, Operator ID and password.

  • Once installed to a device, removes existing financial malware and prevents future malware infections
  • Protects credentials and personal information from key-logging and screen capturing attempts
  • Stops phishing attacks from stealing credentials and data


Mitigate Risk

Video: PNC Account Verification Services

Help minimize payment fraud and returned transactions

3:35 min video

Mitigate Risk

Payment Fraud Prevention: Combating Evolving Trends and Tactics

Fraudsters are shifting their attention from card-present to card-not-present transactions.

3 min read

Mitigate Risk

Protecting Against Fraud

A checklist of considerations for your organization

3 min read

If You are an Existing Customer

For product and service related questions, please contact your Treasury Management Officer or Treasury Management Client Care (TMCC) directly at 

Contact Us

If you have questions or would like additional information, please fill out this short form so we can get in touch with you. By completing this form, you are authorizing us to contact you (via email and/or phone) to answer your questions and provide information about PNC’s Treasury Management products and services.

* required fields

Important Legal Disclosures and Information

  1. Source: 2015-2020 Internet Crime Reports (FBI Internet Crime Complaint Center)

  2. Source: Association for Financial Professionals Payment Fraud and Control Survey, 2021

  3. Source: 2020 Internet Crime Report (FBI Internet Crime Complaint Center).

By clicking “Download”, you will be directed to a third-party website hosted by Trusteer, a third-party that is not affiliated with PNC Bank. While this software is a valuable addition to your fraud prevention strategy, PNC Bank will not be responsible for the content or effectiveness of the services associated with Trusteer’s software.

IBM and IBM Security Trusteer Rapport are registered trademarks of IBM in the United States.

PNC does not charge a fee for the mobile banking service. However, a supported mobile device is needed to use mobile banking. Also, your wireless carrier may charge you for data usage. Check with your wireless carrier for details regarding your specific wireless plan and any data usage or text messaging charges that may apply.

Read a summary of privacy rights for California residents which outlines the types of information we collect, and how and why we use that information.