Business Fraud Awareness, Prevention & Reporting Resources

The agencies below provide resources to help you protect your identity and financial well being as well as reporting tools if you are a fraud victim.

U.S. Small Business Administration (SBA) Cybersecurity Resource Page

The SBA provides a great resource and tool for small to medium sized businesses. The SBA has a cybersecurity page that provides learning resources and tools to help prevent businesses from becoming a victim of cybercrime.

Learn More

Internet Crime Complaint Center (IC3)

IC3 is a joint effort between the Federal Bureau of Investigation (FBI), the National White Collar Crime Center and the Bureau of Justice Assistance. The IC3 accepts internet crime related complaints from individuals that have been defrauded.

Learn More

Department of Homeland Security—Stop.Think.Connect Small Business Resource

The Department of Homeland Security provides a wealth of resources to help protect your business and provide cybersecurity awareness for small to midsize businesses.

Learn More

Business and Commerical Customer Fraud FAQs

  • In some instances, like card fraud, an affidavit or a police report won’t be required for a fraud claim. Regulations regarding card transactions allow the bank to pursue recovery without written documentation. In some instances, we may ask for proof that you engaged with the relevant vendor or merchant in an attempt to resolve the situation as that documentation assists investigators with decisions on how to best attempt recovery.
  • Other fraud types like wire fraud, check fraud or Automated Clearing House (ACH) fraud, are most common to business and commercial customers and, therefore, often require a police report and a bank-approved, notarized declaration of loss. This documentation serves several purposes for the bank. Most notably for customers, it expedites our ability to pursue recovery of your funds from other financial institutions and confirms for all parties involved that our customer was, in fact, a victim of some type of financial loss.

  • Much like your personal account, daily monitoring of items posting to your account is critical. If a fraudulent item is found, call the bank immediately. We will take steps designed to prevent additional fraud, document the incident, and attempt recovery of funds. The bank’s best opportunity for recovery is within the first 24 hours of the event occurring, so it is imperative that you act quickly.
  • If your organization does not have the resources to perform daily monitoring, Positive Pay services can be very helpful. Please contact your relationship manager or customer service for more information.
  • If you experience check fraud and decline to participate in Positive Pay, the bank will no longer be able to honor most fraudulent check claims against your account. We will attempt to recover lost funds on your behalf but cannot guarantee success.

  • When you experience fraud, the restriction on your account is to prevent further fraudulent charges. This allows NBT to review and monitor all transactions that attempt to post in an effort to prevent subsequent fraud losses in your account.
  • The NBT Treasury Management Team will be contacting you about adding fraud prevention products such as Positive Pay to your current account. This will allow the account to remain open and enable you to review and authorize future transactions in your account.

  • Ultimately, the faster you get us the documentation needed to investigate the loss, the faster we can attempt to resolve your case. Our goal is to complete your case within 30 days, but a prompt submission of your documentation will help expedite the case and may result in a reduced resolution timeframe.
  • If NBT is acting on your behalf to recover a loss from another financial institution, we will credit your account only when funds are received. Exchange of funds between financial institutions in some fraud cases is dependent on the completion of a fraud investigation at both institutions, which can take additional time. While a number of factors can impact timing, our goal is to credit your account within one (1) business day of receipt of any recovered funds.

  • Call the bank immediately. Fraudulent wire transactions often result in little to no opportunity for recovery, so timing is critical. We will attempt a wire recall, but depending on timing this may not be successful.
  • In all instances of wire fraud, after calling the bank you should quickly notify law enforcement and obtain a police report. You should also report your loss to the Internet Crime Complaint Center (www.IC3.gov). Once you have completed these steps, update the bank with case numbers so investigators can document our investigation.
  • If the wire was transmitted internationally, and you report it to IC3.gov you may be instructed to initiate the Financial Fraud Kill chain utilizing IC3.gov. The bank cannot do this on your behalf, we can only assist Federal Law Enforcement once they are engaged.
  • Two steps you can take to protect yourself against wire fraud are understanding the identity of your wire recipient and having good procedures to validate their identity.

  • The use of multiple checkbooks for the same account within your company can result in false notifications generated by anti-fraud tools that the bank uses to protect you. These false notifications may delay our ability to respond to actual fraud.
  • Positive Pay also becomes less effective at preventing fraud when you use multiple checkbooks due to the possibility of duplicate check numbers or unexpected changes in the check number from one processing day to the next.

  • A common occurrence of fraud involves stolen checks (e.g., car smash and grabs, office theft). Always secure your checks and cards!
  • Stolen mail is another ongoing problem. Never leave outgoing or incoming payments in an unattended mailbox. It is a best practice to maintain control of check payments until your USPS provider takes possession of them. Theft of issued checks can result in alterations to the item to reflect a different payee or presentation of the item for cash using fake identity. Stolen checks can also facilitate the creation of counterfeit checks by providing criminals with examples of your check stock.
  • Electronic theft of other critical business information most often results from vulnerable digital hardware, unsuspecting responses to malware or phishing attacks, or intrusion by hackers into third party databases containing your business information.
  • Your vendors are also at risk for theft of business information. Business email compromises, where criminals gain access to a vendor’s email system and use it to redirect invoice payments made by the vendor’s customers, are a significant source of fraud. Always verify with your vendors if they request payment to a new account via email. When validating such a request, always use a valid vendor phone number that you have on file as opposed to a number provided in the email, which may be false.

  • In instances where we are concerned about potential fraud on your account, we may take action that impacts your transaction. Our goal is to minimize any negative impact to your normal course of business. If we attempt to contact you regarding suspected transactions, a prompt response on your behalf will help reduce that risk.
Cyber Security Best Practices.

Nine Points of Protection

Learn More

Latest Cyber Threats.

Latest Cyber Threats

Learn More