Payment Methods and Fraud Prevention Tips

FCSAmerica offers drafts to our customers to access available funds from operating lines of credit. Drafts are vulnerable to fraudulent activity because they have your account number printed on them and can be altered or counterfeited to steal funds directly from your operating loans.

It is important to keep drafts physically secure, consistently monitor financial activity and immediately report suspicious and/or unauthorized transactions.

Drafts can be manipulated in several different ways.

• Stolen Drafts: Fraudsters steal drafts when left unsecured, including from mailboxes.
• Draft Alteration: The fraudster changes the payee’s name, the draft dollar amount, or both on a stolen draft. Generally, the fraudster intercepts the draft, uses specific “washing” techniques to erase the existing payee or dollar amount, and then writes the new information on the draft. After altering the draft, the fraudster will cash the draft under a fake name. The draft will flow through the banking system and post to the original, FCSAmerica customer’s operating loan account.
• Counterfeit Draft: The fraudster will use a stolen draft to design and print off new, counterfeit drafts. After creating the counterfeit drafts which still have the customer’s actual account number on them, the fraudster will complete the counterfeit drafts with payee and dollar amount information before cashing them under a fake name.
• Forged Payee Endorsement: The fraudster intercepts a draft in the mail, forges the payee's endorsement, and deposits or cashes it. In some instances, the draft may be deposited electronically without any endorsement at all. The theft may remain undetected for weeks or months until the intended payee follows up on the missing payment.

Fraud Mitigation Tips:

• Timely review all cleared drafts.
  • Ensure the correct payee is listed.
  • Review the endorsement on the back to be sure the intended payee received the funds.
  • Verify that the amount posted to your account is correct.
• Report all draft fraud to FCSAmerica within 24 hours of posting to ensure the best chance of recovery.
• If you must send a draft payment in the mail, drop the draft in the mailbox located inside the USPS facility.
  • Do not leave drafts in a personal residence mailbox with the flag up or at the curbside mailbox at a USPS facility.
• Consider using an alternate form of payment other than a draft to prevent sharing account numbers with multiple parties. 
• Use a black gel pen when writing a draft – these types of pens have ink that is more difficult to remove.

FCSAmerica enables customers to make electronic payments through the ACH network, allowing same-day or next-day transfers between financial institutions. ACH transactions are faster than drafts but slower than wires.

ACH fraud can occur in various ways. Fraudsters may initiate unauthorized ACH debits by using your account and routing numbers to “pull” funds; however, FCSAmerica is more often targeted by ACH credit fraud, where a fraudster gets you to send or “push” funds under fraudulent and deceitful circumstances from your account to a fraudster’s account.

ACH Credit Fraud can be accomplished through several different methods including, but not limited to:

• Account Takeover (ATO):  Fraudsters conduct an ATO gaining direct access to your account by logging in using your credentials obtained through data breaches, phishing, or other techniques and initiating a payment to their external bank account.
• Business Email Compromise (BEC):  Fraudsters take over a trusted vendor or business associate’s email using various BEC techniques and send an “urgent past due” invoice to you with “updated payment instructions” hoping to trick you into sending your money to the fraudster’s bank account.
• Spoofed Email:  Fraudsters send an email using a forged email sender address that closely mimics a legitimate email address (spoofing) with a “past due” invoice attached hoping to trick you into paying the fake invoice before verifying the invoice’s authenticity. Fraudsters can also spoof other forms of contact – including phone numbers, display names, caller IDs, and entire websites. Ultimately, these frauds have the same goal – to trick you into providing personal, professional, or financial information or funds thinking you are interacting with a legitimate person or company.

The ACH Network has varying timeframes for potential recovery depending on several factors unique to each ACH Entry. The sooner you notify FCSAmerica of a fraudulent ACH Entry, the better chance FCSAmerica has to recover the funds.

Fraud Mitigation Tips:

• Verify changes in vendor payment details (routing and account number) by directly calling the recipient – especially if the change in payment instructions is received via email.
  • Be sure to use a known phone number and not one listed in the email.
• Use good financial security practices – such as strong passwords – and take advantage of account security features including multi-factor authentication (MFA), dual approval, and account notifications to be more likely to stop fraud attempts in process.
• Frequently monitor your account activity for unexpected credits or debits to your account.
• Report all ACH fraud to FCSAmerica within 24 hours of posting to ensure the best chance of recovery.

Wires are a near instantaneous payment method to send large sums of money to other businesses and individuals.

Wire fraud resembles ACH fraud using similar tactics such as Account Takeover (ATO), Business Email Compromise (BEC), and spoofing to steal credentials or trick victims into sending funds to fraudulent accounts. 

• Account Takeover (ATO):  Fraudsters gain access to your account using stolen login credentials from data breaches, phishing, or other methods, then transfer funds to their account
• Business Email Compromise (BEC):  Fraudsters hijack a trusted vendor’s or associate’s email to send fake “urgent past due” invoices with fraudulent payment instructions.
• Spoofed Email: Fraudsters use forged email addresses resembling legitimate ones to send fake invoices or requests, often paired with spoofed phone numbers, caller IDs, or websites, aiming to steal money or sensitive information.  

While wire fraud methods are similar to ACH fraud, key differences include:

1. No dollar limits: Unlike ACH transactions capped at $1,000,000 for same-day entries, wires have no transaction limits.
2. Short recovery window: Wires settle within minutes, leaving minimal time for recovery. Once settled, transactions are final.
3. Limited recourse: Wires lack the return timeframes and legal protections of ACHs, offering little recourse if funds are lost to fraud.

Fraud Mitigation Tips:

• Verify changes in vendor payment details (routing and account number) by directly calling the recipient – especially if the change in payment instructions is received via email.
  • Be sure to use a known phone number and not one listed in the email.
• Use good financial security practices such as strong passwords and take advantage of account security features including multi-factor authentication (MFA), dual approval, and account notifications to more likely to stop fraud attempts in process.
• Frequently monitor your account activity for unexpected credits or debits to your account.
• Be wary of the following wire scam red flags:
  • The recipient asks you to wire funds to a foreign country.
  • A new online friend or romantic interest has an untimely emergency and asks for funds to be immediately wired and promises to pay you back.
  • The recipient instructs you to not tell anyone about the wire.
  • The recipient is especially aggressive about rushing payment.
  • The recipient instructs you to falsify the purpose or the wire instructions.