NACM Intermountain

Non-member credit reference

My Top 10 From the NACM Fraud Prevention Strategies Seminar

I attended the NACM Fraud Prevention Strategies in January and ever since the seminar these things have stayed at the top of my mind – without even referring to my notes:

  1. Even the professionals who came to speak confessed to falling for some type of electronic fraud at some point in the recent past. Employees will have fraud impact them somehow and we need to be conscientious.
  2. We are only as safe as the humans involved let us be.
  3. 15 is the magic number – for passwords. Upper/lowercase, numerals, and special keys don’t matter as much, it is the length and the use of a phrase instead of dictionary words that creates good passwords. Changing often is not necessary if you have a good password. Password or login credentials should be #1 on the protection list. I learned this many years ago at a credit congress from a woman named Beth Z. She used the example of REOSpeedwagon80$ – a long phrase, with both upper- and lower-case letters, that had number and special key and was not a word in the dictionary. The example given at the meeting was the first letter of each word in a phrase – like jajwuthtfapow Jack and Jill when up the hill to fetch a pail of water.
  4. Have three access points that are protected to your server/internet. One for your company computer users (sitting at their desks), one for guests and another for your employees to access from their personal devices while working at their desks. (personal devices can bring unknown malware in etc.)
  5. It is not IF but WHEN and HOW often electronic fraud will impact your company directly.
  6. Insurance is a must. Good insurance and a company that is actively involved in helping the company fight fraud.
  7. Manufacturing and Construction industries are the newest targets of many of the latest electronic frauds and breaches.
  8. Security and Convenience don’t go together. We need to communicate with our people the importance and value of the protections and security we put in place. Not just once but often. Maybe even test our employees and educate again if a failure/breach occurs. Breed a culture of security.
  9. Costs are staggering, not just in insurance claims and actual money loss, but repairing reputations, time spent, legal fees, equipment replacement and upgrades etc. can sometimes be the same amount as the actual money lost. Insurance makes the loss less terrible but terrible all the same. Mexico and Central/South American are the hardest to recover money from. Also, we need to somehow get the US Government to help fight this type of fraud better and be more proactive.
  10. AI will drastically impact fighting fraud – deepfakes, voice and or face confirmations won’t be valid, word pattern and grammar recognition only gets more humanlike every day, business entities and people may not actually be real. Most AI fraud companies are actually located in the USA and target US and State weaknesses. When a weakness is found – the dark web shares the weaknesses and the targets multiply.  

by April Tanner, CCE, Kimball Equipment