A joint responsibility

Corporate fraud

Corporate fraud is on the rise worldwide. While companies are taking significant preventive measures, attacks are becoming more sophisticated.

Fraudsters are clever, well organised and masters of ‘social engineering’. They use deception to manipulate individuals into executing actions or divulging confidential or personal information, which is then used for fraudulent activity.

ING regards knowledge – and sharing it with clients – as the bank’s first line of defence. This covers not only how to secure your eBanking environment, but also how to protect yourself from fraud. By learning about the types of scams and the countermeasures used to prevent them, your organisation is better prepared to identify fraud and reduce it significantly.


Unfortunately, total protection does not exist, as fraud is linked to the human factor. Nonetheless, if you communicate and apply the recommendations within your business, you could reduce the risks considerably by improving awareness amongst all staff, including directors as well as anyone with power of attorney over the company's accounts or the ability to create payment instructions. As awareness fades over time, make sure to repeat this process periodically.


Important information

If fraud is detected and in progress, always notify your ING contact immediately. Even if a transfer has already been made, an attempt can be made to block the funds before they disappear. If the fraud occurred a while ago, please report the case via e-mail to report.fraud.wb@ing.com.



How to protect your business from fraud

Protect yourself from fraud by learning about the types of scams and the countermeasures used to prevent them. The following types of corporate fraud are described below:

  • CxO fraud
  • eBanking fraud
  • Invoice fraud

These fraud cases occur daily and worldwide, and generate billions in losses annually.

 

CxO fraud

Social engineering is used to profile your company, so the fraudster can plausibly pose as a senior manager or a third party acting on behalf of senior management and manipulate employees into executing payment transactions or divulging confidential information.

What happens?

  • Fraudsters will contact your company by email or phone, acting as auditors, chartered accountants or even a government department undertaking an investigation. By these means, they gather information on your company's internal payment procedures as well as the people who make them. Also, information on social media (LinkedIn, Facebook) might help fraudsters to identify employees involved in payment procedures.
  • Next, posing as the CEO, CFO or another senior manager, they contact company employees with rights to make large payments, referring to a decision to possibly take over a foreign rival or to another event requiring a major transaction.
  • It is common in these scenarios that the fraudster explicitly stipulates that the transaction must be executed urgently and with the utmost secrecy.
  • The fraudsters may even call on an external consultancy (whose identity they have stolen) to make the operation more credible. The consultancy then contacts the target employee to confirm the transaction and reiterate the secrecy and urgency of the payment to be made. If the employee hesitates, the fraudsters will use several tricks, such as name-dropping top executives in the company, flattery or even threats.

Variants of such fraud

Several varieties exist, such as fraudsters posing as lawyers, notaries, police officers, helpdesk, etc.

What safeguards to take?

  • Always be cautious when you are asked to transfer funds urgently and secretly.
  • In the event of an urgent request, always call the person who made the request back on a known, previously verified phone number.
  • Implement segregation of duties like dual sign permissions, where at least two separate people have to sign payments.
  • Do not allow people to share authorisation devices (e.g. cards and PIN numbers).
  • Ask employees to limit the level of detail in their social media expressions on the role they occupy within the organisation.
  • Appoint a reference person (who is neither the CEO nor the CFO) who must be contacted when a confidential or urgent transaction is requested. That person can contact the company director personally to check the authenticity of the request. Caution: such powers must not be known outside your company.

eBanking fraud

eBanking fraud covers phishing and malware infections. It may affect your company or your private life. Whatever the case, cyber criminals will try to steal money by obtaining the identification codes and electronic signatures of their victim. With these codes, they empty your bank accounts by transferring the funds to their own accounts.

What happens?

  • You receive an email, supposedly from your bank, that claims to be a security check or states that an account will be blocked or that a change will be made to the services offered by the bank. Other pretexts are possible. Each time, the aim is to get you to click on a link within the email that diverts you to a false identification page that looks similar to your online banking.
  • On that page, you enter your access codes, which the criminals retrieve because you are on their site and not your bank's site. With your codes, these criminals can access your online banking and execute transactions.

Variants of such fraud

  • You receive a call from the fraudster pretending to be a bank employee, who says they are calling to perform some sort of security check or “update” that requires you to generate one or multiple response codes with your smartcard and reader. The fraudster will use these to log in to the bank’s eBanking website and enter and sign transactions on your behalf.

  • Your computer is infected with malware. Such infections typically occur when you open attachments or links in a malicious email you have received, or when you visit compromised websites, which exploit vulnerabilities in your web browser or operating system to install malware on your PC. Once the malware is active, several scenarios are possible, depending on the type of malware. Ultimately, all these scenarios lead to the malware trying to create and execute fraudulent payments on your behalf.

What safeguards to take?

  • Keep your PIN and generated security codes secret. Never reveal these secret codes to anyone who asks for them, e.g. on the phone, in email, via SMS, WhatsApp message or face-to-face. ING staff will never ask you for your codes.
  • Never generate a security code when not accessing or using online banking yourself.
  • Always check the details, i.e. amount, beneficiary name and account numbers of all payments you are about to sign.
  • Always close the active web browser session properly by clicking on ‘Log out’. Never leave your computer unattended when you have an active session: Close the session or lock your computer.
  • Implement dual signing: The person who must add the second signature has an external look at the transaction and can detect fraud more easily. Never leave both signatures in the hands of the same person and check what you are signing. Always make sure that the first and second signers use different PCs, as this will increase your chance of detecting fraudulent payments created by malware.

Invoice fraud

Invoice fraud takes many forms. In all cases, the fraudsters replace the banking details of the company that issued the invoice with their own and, as a result, receive the invoiced amounts.

What happens?

  • The criminals intercept the invoice, either between the time it is posted and its receipt, or by hacking the mail accounts used for sending invoices by email.
  • The fraudsters change the invoice so that it shows their own banking details. They can do this in different ways: a new invoice is compiled with the new details, a sticker (often fluorescent) with the fraudsters' banking details and mentioning a change of bank is placed over the real banking details, etc. Then the invoice is sent again.
  • The invoice is received and paid to the new bank account number. It is highly likely that the following invoices will also be paid to the wrong account until the real issuer of the invoice realizes that their invoices have not been paid and contacts the debiting company.

Variants of such fraud

Invoicing fraud comes in several varieties. For instance, the debiting company receives an email from what it thinks is its supplier, stating a change of bank and consequently of account number. This message will bear the supplier's letterhead and seem legitimate. In such cases, no invoices are intercepted, but an ordinary message with the new banking details is sent. All pending invoices as well as subsequent invoices will be paid to the new account number.

Whatever the scenario, the aim of the criminals is to make a change to what we call the supplier's details (phone number, bank references, email address) in order to steal funds.

What safeguards to take?

  • Validate the invoice: Did you expect the invoice? For this amount? Are the supplier details unchanged compared to previous payments?
  • Any change in your suppliers' details (address, phone number, email address, account number, etc.) must result in a phone call to a verified number (not to the number indicated on the invoice itself), to check the validity of the requested change.

Important information

The information on this page is provided to you solely for informational purposes in order to make you aware of the most frequent cases of fraud and provide you with recommendations to protect yourself against it. This information does not ensure that your company, acting upon these recommendations, is or will be protected against any occurrence of fraud detailed on this website. No rights can be derived from the use of and reliance on the safeguards you take by following up these recommendations. ING does not accept any responsibility or liability with respect to your reliance on and the actions you take as a result of these recommendations. This disclaimer is governed by Dutch law.

Fraud in progress

If internal or external fraud has been established and the fraud is in progress, meaning the payment was made in the last few days: immediately report this to your regular ING contact providing as much information as possible (e.g. account numbers, users). By calling your bank quickly, you will increase the likelihood of recovering the embezzled funds.

Fraud detection well after the fact

After 24 hours it is practically impossible to recuperate stolen amounts. If the fraud occurred a while ago, it is not likely that the embezzled funds can be blocked and retrieved. In this case, please report the case via email to report.fraud.wb@ing.com.

The client / employee can expect a first response from ING within 4 hours (during European banking hours) with advice and information on a case-by-case basis.

Note that any employee or client who has or thinks they have been a victim of fraud must report fraud to the designated local authorities. ING cannot take legal action on your behalf, but can advise you on the steps to be taken.

What to do in case of doubt?

Better safe than sorry: Every suspicious transaction, unexpected behaviour while using eBanking or questionable communication in the name of the bank should be reported to ING.

What if ING detects suspicious behaviour?

When ING detects suspicious behaviour, for example questionable login attempts or strange transactions, you could be contacted by ING to verify the validity of the detected event. Communication will, as much as possible, be handled by an ING employee known to you. In case you have doubts about the identity of an ING employee calling, you should always report this.

ING’s fraud measures

Apart from the preventive measures, like highly secure authentication of users and encryption of data, ING has implemented several monitoring solutions to detect fraud. In combination with dedicated teams aimed at rapid information sharing, prevention and response, ING is able to deal adequately with new fraud threats and can act quickly when a fraud case is detected.

ING’s virtual cybercrime & fraud team

ING has responded to the increasing level of cyber fraud by creating a single virtual team, which reviews and addresses fraud prevention for the whole of ING Wholesale Banking. The combination of cybersecurity and fraud experts and regular weekly calls across geographical areas ensure the optimal sharing of information throughout the organisation.

Session monitoring

The interactive channels are monitored by real-time analysis of the web sessions. The goal is to detect fraudulent use of the channels, based on indicators of illicit activities. Some forms of malware in the customer’s environment can be detected by our anomaly analysis; in this case ING will inform the customer and advise on further steps.

Transaction monitoring

Transaction monitoring capabilities are implemented that utilize behavioural analysis, machine learning and rules engines. Based on historic patterns, incoming transactions are analysed in real time, generating alerts when anomalies are detected.

Dedicated fraud operations team

Detected anomalies in the session or transaction monitoring lead to alerts that are handled by a dedicated fraud team. If additional analysis does not lift the suspicion, the affected client will be contacted to determine whether or not the detected anomaly is the result of fraudulent actions. In such cases, first contact will always be established via known contacts and by phone, after which contact will be established at a more operational level if needed.

