WESTERN PRODUCER — An expert urges farmers and agri-businesses to protect themselves from rising levels of financial fraud that have cost some producers tens of thousands of dollars.
“It’s unbelievable the amount of cases that have come through our organization in the last year and a half,” said Jonathan Neutens, head of agriculture at ATB Financial. “I don’t know what the percentage would be, but it’s large.”
He discussed the issue as one of the speakers at the recent CrossRoads Crop Conference in Calgary.
“Fraud prevention is something I think is starting to be considered as it relates to the future of finance, for sure.”
Neutens said during an interview that he wasn’t sure of all the reasons behind the increase in fraud, which involves “all of the banking world” as well as victims besides the agriculture industry. He said criminals are devising new ways to ensnare people as financial institutions implement tougher safeguards.
He pointed to measures such as two-factor authentication that requires two separate, distinct forms of identification to prevent thieves from gaining access to online banking accounts. He said criminals have gone beyond phishing emails and smishing text messages, which impersonate legitimate sources to trick people into revealing sensitive data such as passwords or credit card numbers.
“We’ve had that occur where someone does a Google search for ATB, clicks on the top link, and the top link happens to be a fraudulent website that looks exactly like ATB’s. And you put in your information, you log in and they’ve got you, and then all they have to do is log into your account and change contact information so they get the two-factor authentication versus you, and then they can start firing up electronic payments.”
People should always double check the source of emails and texts, said Neutens.
“Sometimes the email address or the website address, it might only have one letter that’s different.”
A good practice is to directly type the correct URL for your financial institution into the address bar on your browser to conduct online banking, he said. It is also wise to make 100 percent sure you haven’t received a phishing email or a smishing text, even if you must first make a phone call to your financial institution or other legitimate source, he added.
Phishing emails can look exactly like those of someone familiar, such as a supplier, which could be due to the supplier’s email account being hacked, said Neutens.
“And if their email is hacked, (criminals) watch for the conversation style or what have you, and eventually they send you an email and they say, ‘oh, by the way, you need to change payment to this account, and click on this to make the payment’,” he said.
“If you click on something like that, and that takes you into your online banking or whatever it is and you do your two-factor authentication, then they’re watching it, and they’ve got it.”
ATB is working to improve its ability to detect fraudulent transactions more quickly by increasing the number of staff devoted to the problem, said Neutens. But if someone gets login information and changes a two-factor authentication, “there’s really nothing we can do about that because they’ve got it from you in some way, shape or form.
“We can’t stop that because that’s outside of our systems and outside of our control, and then they come in and they log in like it’s you. How is the banking system going to know the difference?”
However, Neutens said the largest source of fraud involves cheques, and is a growing problem. One of the more interesting scams targets people who send cheques through the mail, he said.
“They’ve written a cheque to someone like John Deere, or whatever, like to a supplier, and that cheque gets stolen … a new cheque is done up basically using that bank account information with the same dollar amount, but to a different payee, so when the cheque clears, the customer sees the cheque clear and thinks it’s cleared until the supplier calls him and says, ‘hey, when are you going to pay me?’”
Such crimes have cost some producers tens of thousands of dollars, said Neutens.
“It’s pretty often that farmers can cut a cheque to someone for $40,000, $50,000 or $60,000, and so yeah, we’ve had that.”
Modernizing the funding and payment system by moving away from cheques would be the easiest part of the solution to implement, and producers should stop using cheques if possible, Neutens said in an interview.
“They’re just too risky these days, so if you move away from cheques, do that and get into your online and EFTs (electronic fund transfers) and all that kind of stuff with two-factor authentication, and then just make freaking sure you understand what smishing is, you understand what phishing is, you understand how the fraudsters work,” he said.
“And we have those resources. You can reach out to us at ATB and we’ll give you the resources to help you understand and get trained up on what that is so that you can hopefully not get caught in one of these situations.”
- Phishing: One of the most common types of cyber fraud. Hackers use fake emails or text messages that trick users into sharing personal information such as bank details.
- Smishing: Deceptive text messages that lure victims into sharing personal or financial information, clicking on malicious links or downloading harmful software or applications.
- Malware: Malicious software such as a virus that can destroy, damage or exploit computers or computer systems.
- Worms: A malicious software that replicates itself and spreads from computer to computer. Unlike viruses, worms do not need to be attached to a computer program to do damage. They work silently and infect the device without the user’s knowledge.
- Ransomware: Cyber criminals use it to lock a device or steal information. They then demand a ransom to restore access or return the information. Payment is usually demanded as a crypto currency such as Bitcoin.
- Spyware: Malicious software that infiltrates a device and monitors activity. Criminals can then steal logins, passwords and credit card information.
- Trojan horse viruses: Code or software that looks legitimate but can take control of a computer.
- Distributed denial of service attacks: Occurs when hackers attempt to make a website or computer unavailable by flooding it with internet traffic.