Protecting Your Business from Fraud: Special Topic - The Unshakeables

Summary5 min read

Episode Summary: Protecting Your Business from Fraud: Special Topic

The Unshakeables episode titled "Protecting Your Business from Fraud: Special Topic" delves into the pervasive issue of fraud targeting small businesses. Hosted by Ben Walter and featuring Darius Kingsley, Head of Banking Practices at JPMorgan Chase, the episode provides invaluable insights into the various types of scams that threaten small enterprises, the evolving tactics of fraudsters, and actionable strategies to safeguard businesses against these malicious activities.

1. Introduction to Fraud in Small Businesses

Ben Walter opens the episode by referencing a previous discussion with Kylie Nichols of Nickel and Suede, who narrowly escaped a $20,000 scam. This sets the stage for the episode's focus on fraud, emphasizing its frequent occurrence and the significant impact it can have on small business owners.

Notable Quote:

"Fraud, especially targeting businesses, is something that happens far too often."
— Ben Walter [00:08]

2. Guest Introduction and Expertise

Darius Kingsley is introduced as an expert in banking practices with a specialized focus on fraud and scam prevention. He shares his role at JPMorgan Chase, highlighting his collaboration with risk teams, small business bankers, and government agencies like the DOJ and FTC to combat fraud.

Notable Quote:

"Small business owners are these days probably more targeted than ever."
— Darius Kingsley [01:04]

3. Common Types of Scams Targeting Small Businesses

Darius elaborates on the prevalent scams affecting small businesses, underscoring their sophistication and the vulnerabilities they exploit:

Business Email Compromise (BEC): Scammers impersonate trusted contacts to request fraudulent payments.
Phony Invoices: Fake invoices that closely mimic legitimate ones, altering payment details to divert funds.
Stolen Identity: Use of stolen personal information to carry out fraudulent activities.

Notable Quotes:

"You're really seeing a lot of the business email compromise scam... they look just like someone that you're used to transacting with."
— Darius Kingsley [02:19]

"It's very easy as well these days. Much easier than ever to copy an invoice."
— Darius Kingsley [02:19]

4. The Rise of Sophisticated and AI-Driven Scams

The conversation shifts to more elaborate and technologically advanced scams, highlighting how fraudsters leverage extensive research and artificial intelligence to deceive businesses:

Deep Research: Scammers gather detailed information about a business and its employees through social media, websites, and professional networks like LinkedIn.
AI-Cloning: Use of AI to create convincing replicas of emails, websites, and even voices to impersonate legitimate contacts.
Pig Butchering: Long-term investment scams that can drain an individual's life savings.

Notable Quotes:

"The scammers can very quickly go on LinkedIn, they can go on social media... and it's very hard... to scrub a lot of that from the Internet."
— Darius Kingsley [03:41]

"We're seeing the use of AI tools more and more... you get emails that look exactly like a major online retailer."
— Darius Kingsley [07:00]

5. Prevention Strategies for Small Businesses

Darius offers practical advice for small business owners to mitigate the risk of falling victim to fraud:

Cyber Hygiene: Regularly educate and inform employees about potential threats and the importance of vigilance.
Invoice Verification: Always verify the authenticity of invoices before processing payments.
Account Monitoring: Keep a close watch on bank accounts to detect any unauthorized transactions promptly.
Dual Custody Systems: Implement additional approval layers for significant financial transactions to ensure multiple checks are in place.
Resiliency Planning: Develop comprehensive plans outlining steps to take in the event of a fraud attempt, including immediate contacts at financial institutions.

Notable Quotes:

"Not all businesses have the resources to have a full cyber program, but there's a lot of some fairly basic things you can do."
— Darius Kingsley [05:09]

"Have a plan... who you will contact, who you will contact at your financial institution if you believe that there is a fraud."
— Darius Kingsley [05:22]

6. Banking Sector's Role in Fraud Prevention

The discussion moves to the proactive measures banks like JPMorgan Chase are implementing to shield businesses from fraud:

Dynamic Risk Monitoring: Continuously updating risk rules to identify and block suspicious transactions in real-time.
Educational Initiatives: Providing resources and information to educate businesses about emerging threats and preventive techniques.

Notable Quotes:

"We are constantly monitoring all the various frauds and the scams out there, and they're constantly changing."
— Darius Kingsley [06:29]

"A very large part of it as well is education."
— Darius Kingsley [06:29]

7. The Impact of Emerging Technologies on Fraud and Protection

Darius discusses the dual-edged nature of emerging technologies like AI in the realm of fraud:

Enhanced Scamming Techniques: AI enables the creation of highly realistic fraudulent communications, making it harder for businesses to discern genuine interactions from fake ones.
Advanced Protection Tools: Concurrently, AI and machine learning are being harnessed to develop sophisticated detection and prevention tools, offering businesses new avenues to protect themselves.
Collaboration with Tech Firms: Banks are partnering with government bodies, major retailers, and social media platforms to stay ahead of evolving scam tactics.

Notable Quotes:

"The AI tools enable you to clone invoices, clone websites a lot more effectively than we used to."
— Darius Kingsley [07:00]

"We're already using a lot of AI and machine learning... trying to get our arms around the tools that these scammers use."
— Darius Kingsley [08:22]

8. Conclusion and Final Recommendations

Ben and Darius wrap up the episode by reiterating the importance of awareness and preparedness. Businesses are encouraged to remain vigilant, implement robust security measures, and stay informed about the latest fraud trends and prevention technologies.

Notable Quote:

"Fraud and scams can come from anywhere, so please stay vigilant and have protocols in place for your business to make sure you and your business stay safe."
— Ben Walter [08:58]

Key Takeaways

Awareness is Crucial: Understanding the types of scams prevalent today helps businesses recognize and prevent potential threats.
Implement Basic Security Measures: Even without extensive resources, small businesses can adopt fundamental practices like verifying invoices and monitoring accounts regularly.
Educate Employees: Ensuring that all team members are informed about fraud tactics strengthens the overall security posture of the business.
Stay Updated with Technology: Leveraging AI and collaborating with financial institutions can provide advanced protection against sophisticated scams.
Develop a Response Plan: Having a clear action plan in case of fraud attempts ensures swift and effective responses, minimizing potential damage.

By addressing these areas comprehensively, The Unshakeables episode empowers small business owners to defend their enterprises against the ever-evolving landscape of fraud and scams.

Loading summary

Transcript26 lines

[00:03]
Darius Kingsley
Ruby.
[00:08]
Ben Walter
Hi, everyone, it's Ben. On the last episode of our show, we talked to Kylie Nichols about her company, Nickel and Suede. If you haven't heard that episode, please go back and take a listen. She was almost scammed out of $20,000. And unfortunately, fraud, especially targeting businesses, is something that happens far too often. In this episode, I invited Darius Kingsley, head of banking practices at JPMorgan Chase, to share his expertise on the topic. The conversation was much longer than what you hear in the episode, though, and Darius is a wealth of information, so we decided to devote a mini segment to my conversation with him. Darius, thank you for joining me today.
[00:48]
Darius Kingsley
Thanks, Ben. Appreciate it.
[00:50]
Ben Walter
So we wanted to bring you in because the story that we just heard from Kylie, that's all too common, sadly, and one that you see a lot of in what you do. So could you talk to us a little bit about what you do and why you're close to issues like this?
[01:04]
Darius Kingsley
Thanks, Ben. So in my role as head of banking practices, I spend a lot of time on fraud and scams and in particular fraudsters and scammers that are hitting our consumers. They target often the more vulnerable populations. You see them targeting elder and also the youth very heavily. But of course, everyone is targeted and small business owners are these days probably more targeted than ever. And so I work very closely with our risk teams. I visit our branches. I spend a lot of time talking not just with our consumer bankers who help individual customers, but also our small business bankers and try to hear from them the stories and the problems that they're experiencing when they have customers who come in who have fallen prey to a scam or maybe they've just sent a wire and they're not really sure where it went and, and they need help. And so I help try to piece together all of these things. And I'm also working even more closely than ever with government, particularly with the DOJ and the ftc, really trying to wrap our arms around it, not just as a bank, but even as an industry trying to help reduce the number of these scams.
[02:08]
Ben Walter
So it sounds like Kylie's company fell for one of these classic, straightforward kind of scams. So what are the most common types of scams that you see tell people sort of what you're seeing out there in the ecosystem?
[02:20]
Darius Kingsley
Yeah, unfortunately, that's right. I mean, look, small business owners are busy. You have a lot of things going on. You hire vendors and, or help and you assume and hope they're doing the right thing. And usually they always are. I will point out One thing Kylie did right was soon as she caught it, she contacted the bank. A lot of people sit on this. You probably have your business banker contact information, call them immediately, go to the branch if you can. The, the sooner you act, the better the chance of stopping the wire. For business owners, you're really seeing a lot of the business email compromise scam. It's really easy these days to fake an email and it looks just like someone that you're used to transacting with and they'll often ask you for payment details, for account details, other ones that we see businesses fall for phony invoices. So it's very easy as well these days. Much easier than ever to copy an invoice. You can change an invoice that a vendor sends, change the wiring instructions on it, change the payment information on it and it looks completely realistic. That's a very common one. Stolen identity that always remains a really big one.
[03:28]
Ben Walter
And what about some of the more sophisticated ones? I mean we read a lot now about pretty elaborate scams where people have been really doing deep research and people get compromised in other ways, emotionally, logistically and otherwise.
[03:42]
Darius Kingsley
Yeah, this is someone's job. Unfortunately this is what people do full time. So they do the research. And of course there's tons of information, information out there about us, right? There's lots of information about us personally. But if you're a small business, particularly if you're a consumer facing small business, you probably have all sorts of websites, pages up there, including past ones. The scammers can very quickly go on LinkedIn, they can go on social media, they can figure out who all your employees are, they can figure out who's in charge of the accounts and finances. Tech, if anyone is monitoring your cyber, they can learn who your vendors are. And it's very hard, as you probably know to scrub a lot of that from the Internet.
[04:22]
Ben Walter
Well, and a lot of our small business clients don't want to. I mean these are small businesses, they're trying to build up their reputation, they're trying to build up their client base. They need people to be able to find them.
[04:32]
Darius Kingsley
That's why I think it's important to couple that awareness that you have a public facing Persona, you have to in order to run your business, but it is also going to open you up to more targeting. And on a personal side for individuals, you see these romance scams, or what we call also pig butchering, which are basically like investments or crypto scams. It can take months, even years to play out, but the payoffs are huge, literally can deplete someone's entire life savings, millions of dollars. But this shows the level of targeting that scammers and fraudsters will bring.
[05:06]
Ben Walter
Let's talk about some of the things that people can do about it.
[05:10]
Darius Kingsley
There is a lot I'd start with cyber hygiene. I mean, first of all, even within your business, you should all talk about it. Everyone should be aware that you're a target. Talk about it with all of your employees, Right?
[05:22]
Ben Walter
Sure.
[05:22]
Darius Kingsley
Not all businesses have the resources to have a full cyber program, but there's a lot of some fairly basic things you can do. These include verifying all of your invoices. You can regularly monitor your bank accounts. If you can establish dual custody to have an extra set of eyes on payments, see if you can have maybe someone else approving extra large purchases in particular. The last thing I'll say in answer to your question is have a plan. I think a lot of people personally never believe that they'll fall for a scam or fraud. Most businesses should be thinking about a resiliency plan in general, like what happens if they can't open, if there's, you know, climate issue, whatever it is. It's not a question of if, Assume it's more a question of when. And have a plan for what you will do, who you will contact, who at your financial institution or institutions you will contact if you believe that there is a fraud or you may have made an erroneous payment.
[06:18]
Ben Walter
Can you talk a little bit about what banks like us, but banks in general are doing now to protect people from these scams? Because, you know, we can't be accountable for everything that happens in the world, but we can certainly help.
[06:29]
Darius Kingsley
So we are constantly monitoring all the various frauds and the scams out there, and they're constantly changing. We inform a lot of our risk rules. Our risk rules are kind of dynamic and we're always trying to sort of update them and follow and block payments that don't look right. But a very large part of it as well is education.
[06:47]
Ben Walter
Last thing I want to talk about is new technology on the scene, because I could see some of these scams getting even more sophisticated. But also I could imagine a world where it gives you tools to protect yourself that didn't exist before.
[07:00]
Darius Kingsley
Unfortunately, we're seeing the use of AI tools more and more. And so you can think about it in a couple different ways. The AI tools enable you to clone invoices, clone websites a lot more effectively than we used to. Right. On a personal level, we've all Seen it. You know, the days of the old, poorly written Nigerian print scam like those are kind of laughably funny. Today you get emails that look exactly like a major online retailer. They're like, perfect. The other place they're using AI tools that we're seeing is in voice. So back to that. You get a phone call from a vendor, it's someone that you're used to. It's going to sound just like them because you can run your own voice through one of these AI clones, and it's going to sound exactly like someone you're used to talking to. On a personal level, you may have seen it or heard of it with an infamous grandparent scam of getting your call. Today, people are getting calls from their grandchild who's in jail and in trouble, and it sounds exactly like their grandchild because they're running it through these AI tools. Similarly, you can do that with people that you do business with. So be careful of who you're talking with on the other phone or very wary of random calls that come up, especially ones that have urgency or require you to act very quickly.
[08:13]
Ben Walter
Do you think we can expect tools to come online to help people prevent that? So will there be AI detection tools and other things that come out into the marketplace?
[08:22]
Darius Kingsley
Absolutely. I mean, so we're already using a lot of AI and machine learning. And the other thing we're doing is we're taking a lot more time to really work with government and with other entities, major retailers, the social media companies. This is going to be something I think you'll see publicly more and more in 25. You've already seen some of it and just really trying to get our arms around the tools that these scammers use to contact our customers.
[08:49]
Ben Walter
Well, be aware. Make a plan.
[08:52]
Darius Kingsley
Exactly.
[08:52]
Ben Walter
Thanks very much, Darius. It's great to have you on the show.
[08:55]
Darius Kingsley
Thanks, Ben. Appreciate it.
[08:59]
Ben Walter
Thank you for listening. Fraud and scams can come from anywhere, so please stay vigilant and have protocols in place for your business to make sure you and your business stay safe. I'm Ben Walter and this is the Unshakables from Chase for Business and Ruby Studio from iHeartMedia. We'll see you back here soon.

Episode Summary: Protecting Your Business from Fraud: Special Topic

1. Introduction to Fraud in Small Businesses

Notable Quote:

"Fraud, especially targeting businesses, is something that happens far too often."
— Ben Walter [00:08]

2. Guest Introduction and Expertise

Notable Quote:

"Small business owners are these days probably more targeted than ever."
— Darius Kingsley [01:04]

3. Common Types of Scams Targeting Small Businesses

Darius elaborates on the prevalent scams affecting small businesses, underscoring their sophistication and the vulnerabilities they exploit:

Business Email Compromise (BEC): Scammers impersonate trusted contacts to request fraudulent payments.
Phony Invoices: Fake invoices that closely mimic legitimate ones, altering payment details to divert funds.
Stolen Identity: Use of stolen personal information to carry out fraudulent activities.

Notable Quotes:

"You're really seeing a lot of the business email compromise scam... they look just like someone that you're used to transacting with."
— Darius Kingsley [02:19]

"It's very easy as well these days. Much easier than ever to copy an invoice."
— Darius Kingsley [02:19]

4. The Rise of Sophisticated and AI-Driven Scams

The conversation shifts to more elaborate and technologically advanced scams, highlighting how fraudsters leverage extensive research and artificial intelligence to deceive businesses:

Deep Research: Scammers gather detailed information about a business and its employees through social media, websites, and professional networks like LinkedIn.
AI-Cloning: Use of AI to create convincing replicas of emails, websites, and even voices to impersonate legitimate contacts.
Pig Butchering: Long-term investment scams that can drain an individual's life savings.

Notable Quotes:

"The scammers can very quickly go on LinkedIn, they can go on social media... and it's very hard... to scrub a lot of that from the Internet."
— Darius Kingsley [03:41]

"We're seeing the use of AI tools more and more... you get emails that look exactly like a major online retailer."
— Darius Kingsley [07:00]

5. Prevention Strategies for Small Businesses

Darius offers practical advice for small business owners to mitigate the risk of falling victim to fraud:

Cyber Hygiene: Regularly educate and inform employees about potential threats and the importance of vigilance.
Invoice Verification: Always verify the authenticity of invoices before processing payments.
Account Monitoring: Keep a close watch on bank accounts to detect any unauthorized transactions promptly.
Dual Custody Systems: Implement additional approval layers for significant financial transactions to ensure multiple checks are in place.
Resiliency Planning: Develop comprehensive plans outlining steps to take in the event of a fraud attempt, including immediate contacts at financial institutions.

Notable Quotes:

"Not all businesses have the resources to have a full cyber program, but there's a lot of some fairly basic things you can do."
— Darius Kingsley [05:09]

"Have a plan... who you will contact, who you will contact at your financial institution if you believe that there is a fraud."
— Darius Kingsley [05:22]

6. Banking Sector's Role in Fraud Prevention

The discussion moves to the proactive measures banks like JPMorgan Chase are implementing to shield businesses from fraud:

Dynamic Risk Monitoring: Continuously updating risk rules to identify and block suspicious transactions in real-time.
Educational Initiatives: Providing resources and information to educate businesses about emerging threats and preventive techniques.

Notable Quotes:

"We are constantly monitoring all the various frauds and the scams out there, and they're constantly changing."
— Darius Kingsley [06:29]

"A very large part of it as well is education."
— Darius Kingsley [06:29]

7. The Impact of Emerging Technologies on Fraud and Protection

Darius discusses the dual-edged nature of emerging technologies like AI in the realm of fraud:

Enhanced Scamming Techniques: AI enables the creation of highly realistic fraudulent communications, making it harder for businesses to discern genuine interactions from fake ones.
Advanced Protection Tools: Concurrently, AI and machine learning are being harnessed to develop sophisticated detection and prevention tools, offering businesses new avenues to protect themselves.
Collaboration with Tech Firms: Banks are partnering with government bodies, major retailers, and social media platforms to stay ahead of evolving scam tactics.

Notable Quotes:

"The AI tools enable you to clone invoices, clone websites a lot more effectively than we used to."
— Darius Kingsley [07:00]

"We're already using a lot of AI and machine learning... trying to get our arms around the tools that these scammers use."
— Darius Kingsley [08:22]

8. Conclusion and Final Recommendations

Notable Quote:

"Fraud and scams can come from anywhere, so please stay vigilant and have protocols in place for your business to make sure you and your business stay safe."
— Ben Walter [08:58]

Key Takeaways

Awareness is Crucial: Understanding the types of scams prevalent today helps businesses recognize and prevent potential threats.
Implement Basic Security Measures: Even without extensive resources, small businesses can adopt fundamental practices like verifying invoices and monitoring accounts regularly.
Educate Employees: Ensuring that all team members are informed about fraud tactics strengthens the overall security posture of the business.
Stay Updated with Technology: Leveraging AI and collaborating with financial institutions can provide advanced protection against sophisticated scams.
Develop a Response Plan: Having a clear action plan in case of fraud attempts ensures swift and effective responses, minimizing potential damage.

By addressing these areas comprehensively, The Unshakeables episode empowers small business owners to defend their enterprises against the ever-evolving landscape of fraud and scams.