Wealth Insights

Fraud awareness: Protecting your financial future

Fighting fraud starts with you.

From data breaches to cyberfraud and identity fraud to business email compromise, there is no shortage of headlines espousing the various ways criminals are defrauding consumers and businesses of billions of dollars.

In fact, the Federal Trade Commission (FTC) recently released data showing that consumers lost more than $12.4 billion in 2024 alone. The biggest driver to this 25% increase from the prior year was in the percentage of people who reported losing money to a fraud or scam, which grew by double digits.

“Consumers and businesses are increasingly targeted as fraud schemes become more sophisticated,” said Jeff Taylor, head of Commercial Fraud Forensics at Regions. “With the technology-driven threats of artificial intelligence-themed scams to old-fashioned check fraud, criminals are finding ways to part people and companies from their hard-earned money. And as a financial institution, in addition to putting in protections in-house, it is also our job to help educate our clients and build awareness around the ever-evolving schemes so they can also protect themselves.”

Regions has been hosting fraud education events across the Bank’s footprint for more than a decade and since fall of 2024 Taylor has been joined by tenured fraud speakers including former FBI agent Scott Augenbaum.

Augenbaum and Taylor have spoken to audiences in Nashville and Houston, and spoke with an audience of commercial and wealth clients in Dallas to reinforce their message of awareness as the main defense when it comes to protecting yourself and/or your business from falling victim.

“While victim profiles vary, the fraud vectors are often the same across the consumer, wealth and business owners and leader,” says Trevor Syzmanski, Regions Treasury Management Sales Executive for Texas who moderated the Dallas event. Taylor and Augenbaum share their perspectives on the common threads throughout the fraud landscape.

Fraud awareness: Don’t be a victim

“I don’t have anything that’s worth stealing they will say or I’m a small business,” Augenbaum notes. “I had a multi-billion dollar publicly traded company tell me they were not potential victims because they didn’t fit the victim profile.”

Augenbaum shares some hard truths.

“The cyber criminals do not care who you are, they don’t care about how much money you have in your bank account, they don’t care if you are a nonprofit organization, they’re going to target you,” says Augenbaum. “And when the bad guys steal your stuff and you contact law enforcement, law enforcement does not get your stuff back, and putting the bad guys in jail is really hard because they are usually located overseas.”

There is some good news as Augenbaum added that during his decades with the FBI he discovered that a majority of cybercrime victimization and fraud could easily be prevented with a couple of key pieces of information.

Fraud awareness: Compromised email

There are many schemes that criminals employ when targeting businesses and consumers including the most common attack in the form of business email compromise (BEC) or email account compromise, which is essentially the same scheme but used to target consumers.

A sophisticated scam where attackers impersonate legitimate business contacts, often executives, to trick employees into transferring funds or sharing sensitive information, business email compromise can catch unwitting victims off-guard, opening the door to deception.

Email account compromise is a highly sophisticated attack in which attackers use tactics like password spraying, phishing, and malware to compromise their victims’ email accounts, gaining access to legitimate mailboxes. Not unlike social media account takeovers, this scheme can lead a victim to sharing personal and/or financial information with – or sending money to – a criminal posing as a friend, banker or other trusted source.

Here are some common forms of account compromise vectors:

• Phishing – using bogus emails to prompt victims to reveal confidential information.
• Email spoofing – criminals try to spoof legitimate email addresses by altering letters and numbers to appear to be that of a trusted source.
• Domain lookalike – website spoofing creates a similar website domain address designed to pull victims into entering their personal information, including usernames and passwords into criminal-hosted domains.
• Social engineering – fraudsters use phone calls/conversations to gain trust.

For business leaders and owners, it is so important to train your employees on recognizing these types of threats and stop, call, and confirm requests for account changes or transactions.

Fraud awareness: Old-fashioned check and deposit fraud

According to a FinCEN news release financial institutions reported more than $688 million in suspicious activity in the six months following the government organization’s alert on mail theft-related check fraud.

Whether it is check washing, identity theft, counterfeits, or physical mail theft, criminals are still leaning on old-school physical fraud through paper instruments to defraud consumers and businesses.

“If you’re a private wealth customer or a consumer, use your bill pay platform,” says Taylor. “If your business must use checks, Regions offers protection. Positive Pay, with Payee Name verification can assist businesses in recognizing and reporting fraudulent checks. For smaller businesses, a simplified version called Check Inspect, is available.”

A few recommendations if you must use checks:

1. Skip the blue postal boxes. One of the things that we always suggest that you do is rather than put the mail in any of the blue boxes, is to make sure that you’re taking the mail into the post office,” says Taylor. “This way you’re eliminating the option for the fraudsters to break into that blue box and steal the mail out of there. If you’re taking it into the post office, handing it across the counter, you’ve at least eliminated one opportunity for fraud.”
2. Avoid using a window envelope. Taylor notes, “There are cases we’ve investigated where the fraudsters have taken those envelopes, and they squeeze that envelope down and they’re able to see in through that window and look at the amount of the check.”
3. Use a gel-based ink pen. This ink absorbs into the paper making check washing more difficult.

Once a fraud event has taken place, it can be difficult, if not impossible for financial institutions to recover the money.

“According to the Association for Financial Professionals Payment Fraud and Control Survey, 51% of the time the people who are victims only recovered 50% of the funds,” says Augenbaum. “And 30% of the time they were able to recover absolutely nothing.”

Fraud awareness: Monitor and report

While it seems like just one more thing for the mounting to-do list, it is important to check your financial accounts and reconcile your transactions daily.

“We have to make sure that we are looking at our account and reconciling on a regular basis” says Taylor. “That is where it can become a little bit more challenging for business owners and leaders because everyone is moving a lot of money quickly. We suggest if you can reconcile on a daily basis, so you’re able to look at those transactions and identify anything that is out of the ordinary or something that you didn’t do.”

And if you do notice something you didn’t authorize, don’t wait to report it.

“The faster you report that event or transaction to us, the more likely we are to be able to recover on your behalf,” says Taylor. “But an ounce of prevention is worth more than a pound of cure in fraud because once it is gone it can be almost impossible to recover.”

Fraud awareness: The more you know

Check out Regions’ libraries of fraud education and awareness resources:

• Protect yourself from fraud
• Protect your business against fraud
• Doing More Today: Fraud Prevention