Moreover, with the advent of new and diverse digital payment channels, experiences and even currencies, comes the unintended consequence of new and inventive opportunities for fraudsters to advance and refine their evolving and relentless payment diversion scams in an effort to maintain their lead.
At PNC, we want to make you aware of ongoing threats and trends, as well as the solutions and tools that can help protect your company from the harmful effects of payments fraud.
While fraudsters employ various means to infiltrate or exploit their targets' networks, systems, protocols or personnel, two of the more common threat vectors are malware and social engineering. Both form the basis of many payments’ fraud scams.
The act of fraudulently manipulating people into performing actions or divulging confidential information. Social engineering scams typically align to two primary email communication variants:
Year-over-year, the occurrence and frequency of BEC/EAC fraud and its associated losses have steadily grown and remain incredibly high; in fact, between 2014 and 2020, aggregate losses due to this scheme have increased by more than 3,000%.
There were $6.2B+ in aggregate BEC/EAC losses between 2015 and 2020. 
Software or code that, once downloaded to a PC or mobile device, can be used to steal information, exploit system vulnerabilities, compromise access to data, and cause other damage or detrimental effects.
Fraudsters deliver malware through:
An additional tactic that fraudsters employ is Pharming, whereby malware is used to automatically re-direct a legitimate website’s traffic to a bogus version of that site for the purpose of harvesting credentials to steal information and/or facilitate a payment.
When it comes to cybercrime and payments fraud, every organization is a target, and none are naturally immune to its potential effects. The question isn’t whether your organization will face these threats; rather, it’s when and to what effect with respect to potential or actual financial harm.
A quick look at the stats:
A service that allows you to verify the existence of a U.S. bank account, gain insight regarding its status, standing and maturity, and authenticate its ownership or signatory authority.
A service that matches checks presented for payment against your company’s check issue file; “exceptions” are presented to you for a pay/return decision through PINACLE®, PNC’s top-rated corporate online and mobile banking platform.
A service that allows you to monitor and control ACH debit activity by establishing “rules” that filter the ACH debits coming into your account(s). Using PINACLE, you can review “suspect” ACH debits and determine whether to return them as “unauthorized.”
A service that restricts any ACH debit transactions from posting to an account.
A service that provides intraday information to help you monitor activity within your accounts.
A service that allows you to subscribe to receive notifications about key activities within PINACLE that can be delivered to the PINACLE Message Center, or directly to you via email or text message.
A software application that provides an additional layer of security designed to help protect your login credentials, including your PINACLE Company ID, Operator ID and password.
Help minimize payment fraud and returned transactions
3:35 min video
Fraudsters are shifting their attention from card-present to card-not-present transactions.
3 min read
A checklist of considerations for your organization
3 min read
Source: 2015-2020 Internet Crime Reports (FBI Internet Crime Complaint Center)
Source: Association for Financial Professionals Payment Fraud and Control Survey, 2021
Source: 2020 Internet Crime Report (FBI Internet Crime Complaint Center).
By clicking “Download”, you will be directed to a third-party website hosted by Trusteer, a third-party that is not affiliated with PNC Bank. While this software is a valuable addition to your fraud prevention strategy, PNC Bank will not be responsible for the content or effectiveness of the services associated with Trusteer’s software.
IBM and IBM Security Trusteer Rapport are registered trademarks of IBM in the United States.
PNC does not charge a fee for the mobile banking service. However, a supported mobile device is needed to use mobile banking. Also, your wireless carrier may charge you for data usage. Check with your wireless carrier for details regarding your specific wireless plan and any data usage or text messaging charges that may apply.
Read a summary of privacy rights for California residents which outlines the types of information we collect, and how and why we use that information.