Outsmarting payment fraudsters

This article was originally published by innovatingcanada.ca on September 26, 2024.

By Jon Purther, Director of Research at Payments Canada

Jon’s career encompasses more than 25 years of senior management experience in forensic research and strategic marketing management, including domestic and international assignments. With Payments Canada, Jon is spearheading a team involved in both strategic foresight and market research.

According to a recent study from Payments Canada, one in five Canadian businesses experienced payment fraud in the past six months. This is despite 63 per cent of businesses who report that they feel confident in knowing how to protect themselves against payment fraud and cybercrime and 61 per cent who say they are more aware of how to recognize potential threats.

The most common types of fraud experienced by Canadian businesses were impersonator fraud originating from a phone call, message or email that appears to be from a trusted business source (25 per cent), intercepted business’ e-Transfers (22 per cent), and credit card fraud (20 per cent). When fraud occurred, over a third of businesses (39 per cent) suffered losses greater than $1,000 in a single experience.

As payment fraud and cybersecurity threats become more sophisticated, businesses face the challenge of constantly evolving their security practices to keep up. Our study findings reinforce that there is no room for complacency around cybersecurity measures to protect against and detect fraud risks for Canadian businesses regardless of size and industry.

Almost two in three businesses (65 per cent) would even be happy to take extra steps to make an online transaction if it meant they were better protected. When transferring money online, three in five businesses (61 per cent) would be willing to better protect themselves from scams, even if the process called for more time-consuming steps.

While many businesses are taking preventative measures to keep their payments safe, there is always room for improvement, including better password management. Overall, 41 per cent of commercial businesses and 39 per cent of small and medium-sized businesses (SMEs) store their passwords on their smartphone, personal computer or laptop. One in three (33 per cent) of commercial businesses and one in four (25 per cent) of SMEs and tend to use the same password for all their business-related accounts.

With nearly half (45 per cent) of businesses reporting an increase in fraudulent or suspicious activity directed at them through email over the last 12 months, companies have also gained a heightened level of awareness. As we look to the future, continued education for businesses, employees and consumers, working in tandem with evolving technologies and cybersecurity best practices will be critical in combatting the fraud challenges that businesses face.