WEBVTT - Protecting Your Business from Fraud: Special Topic

0:00:03.320 --> 0:00:04.040
<v Speaker 1>Ruby

0:00:08.480 --> 0:00:11.560
<v Speaker 2>Hi everyone, it's Ben. On the last episode of our show,

0:00:11.600 --> 0:00:14.480
<v Speaker 2>we talked to Kilee Nickels about her company, Nickel and Suede.

0:00:14.600 --> 0:00:16.759
<v Speaker 2>If you haven't heard that episode, please go back and

0:00:16.760 --> 0:00:19.439
<v Speaker 2>take a listen. She was almost scammed out of twenty

0:00:19.480 --> 0:00:24.760
<v Speaker 2>thousand dollars and unfortunately, fraud, especially targeting businesses, is something

0:00:24.760 --> 0:00:28.520
<v Speaker 2>that happens far too often. In this episode, I invited

0:00:28.560 --> 0:00:31.920
<v Speaker 2>Darius Kingsley, head of banking Practices at JP Morgan Chase,

0:00:32.120 --> 0:00:35.199
<v Speaker 2>to share his expertise on the topic. The conversation was

0:00:35.280 --> 0:00:37.120
<v Speaker 2>much longer than what you hear in the episode, though,

0:00:37.479 --> 0:00:39.919
<v Speaker 2>and Darius is a wealth of information, so we decided

0:00:39.920 --> 0:00:46.400
<v Speaker 2>to devote a mini segment to my conversation with him. Darius,

0:00:46.520 --> 0:00:47.640
<v Speaker 2>thank you for joining me today.

0:00:47.920 --> 0:00:49.120
<v Speaker 1>Thanks, Ben, appreciate it.

0:00:49.600 --> 0:00:52.440
<v Speaker 2>So we wanted to bring you in because the story

0:00:52.560 --> 0:00:56.360
<v Speaker 2>that we just heard from Kilee that's all too common, sadly,

0:00:56.880 --> 0:00:59.000
<v Speaker 2>and one that you see a lot of in what

0:00:59.040 --> 0:01:00.680
<v Speaker 2>you do. So could you talk to us a little

0:01:00.680 --> 0:01:02.880
<v Speaker 2>bit about what you do and why you're close to

0:01:02.960 --> 0:01:03.640
<v Speaker 2>issues like this.

0:01:04.560 --> 0:01:07.320
<v Speaker 1>Thanks Ben. So in my role as head of banking practices,

0:01:07.360 --> 0:01:09.640
<v Speaker 1>I spend a lot of time on fraud and scams,

0:01:10.240 --> 0:01:14.560
<v Speaker 1>and in particular fraudsters and scammers that are hitting our consumers.

0:01:14.959 --> 0:01:17.959
<v Speaker 1>They target often the more vulnerable populations. You see them

0:01:18.200 --> 0:01:21.360
<v Speaker 1>targeting elder and also the youth very heavily. But of

0:01:21.400 --> 0:01:25.800
<v Speaker 1>course everyone is targeted, and small business owners are these

0:01:25.920 --> 0:01:29.280
<v Speaker 1>days probably more targeted than ever, and so I work

0:01:29.360 --> 0:01:32.680
<v Speaker 1>very closely with our risk teams. I visit our branches.

0:01:32.800 --> 0:01:34.520
<v Speaker 1>I spend a lot of time talking not just with

0:01:34.560 --> 0:01:37.440
<v Speaker 1>our consumer bankers who help individual customers, but also our

0:01:37.480 --> 0:01:40.360
<v Speaker 1>small business bankers and try to hear from them the

0:01:40.440 --> 0:01:42.760
<v Speaker 1>stories and the problems that they're experiencing when they have

0:01:42.800 --> 0:01:46.280
<v Speaker 1>customers who come in who have fallen prey to a scam,

0:01:46.360 --> 0:01:48.480
<v Speaker 1>or maybe they've just sent a wire and they're not

0:01:48.520 --> 0:01:51.160
<v Speaker 1>really sure where it went and they need help, And

0:01:51.200 --> 0:01:53.880
<v Speaker 1>so I help try to piece together all of these things.

0:01:54.360 --> 0:01:57.160
<v Speaker 1>And I'm also working even more closely than ever with government,

0:01:57.200 --> 0:02:00.480
<v Speaker 1>particularly with the DOJ and the FTC, really trying to

0:02:00.520 --> 0:02:03.240
<v Speaker 1>wrap our arms around it, not just as a bank,

0:02:03.360 --> 0:02:06.640
<v Speaker 1>but even as an industry, trying to help reduce the

0:02:06.720 --> 0:02:07.680
<v Speaker 1>number of these scams.

0:02:08.400 --> 0:02:11.200
<v Speaker 2>So it sounds like Kilee's company fell for one of

0:02:11.200 --> 0:02:14.679
<v Speaker 2>these classic straightforward kind of scams. So what are the

0:02:14.720 --> 0:02:17.280
<v Speaker 2>most common types of scams that you see. Tell people

0:02:17.360 --> 0:02:19.560
<v Speaker 2>sort of what you're seeing out there in the ecosystem.

0:02:20.040 --> 0:02:23.519
<v Speaker 1>Yeah, unfortunately, that's right. I mean, look, small business owners

0:02:23.520 --> 0:02:25.360
<v Speaker 1>are busy, You have a lot of things going on.

0:02:25.520 --> 0:02:29.079
<v Speaker 1>You hire vendors or help, and you assume and hope

0:02:29.080 --> 0:02:31.399
<v Speaker 1>they're doing the right thing, and usually they always are

0:02:31.840 --> 0:02:34.640
<v Speaker 1>and will point out. One thing Kilee did right was

0:02:35.080 --> 0:02:37.160
<v Speaker 1>soon as she caught it, she contacted the bank. A

0:02:37.200 --> 0:02:39.720
<v Speaker 1>lot of people sit on this. You probably have your

0:02:39.880 --> 0:02:44.480
<v Speaker 1>business banker contact information, call them immediately go to the

0:02:44.480 --> 0:02:46.920
<v Speaker 1>branch if you can. The sooner you act, the better

0:02:46.960 --> 0:02:50.600
<v Speaker 1>the chance of stopping the wire. For business owners, you're

0:02:50.639 --> 0:02:53.680
<v Speaker 1>really seeing a lot of the business email compromise scam.

0:02:53.880 --> 0:02:57.800
<v Speaker 1>It's really easy these days to fake an email and

0:02:57.880 --> 0:03:01.040
<v Speaker 1>it looks just like someone that you use to transacting with,

0:03:01.440 --> 0:03:05.919
<v Speaker 1>and they'll often ask you for payment details, for account details,

0:03:06.400 --> 0:03:09.360
<v Speaker 1>other ones that we see businesses fall for phony invoices.

0:03:09.840 --> 0:03:12.600
<v Speaker 1>So it's very easy as well these days, much easier

0:03:12.639 --> 0:03:15.560
<v Speaker 1>than ever to copy in invoice. You can change an

0:03:15.560 --> 0:03:19.240
<v Speaker 1>invoice that a vendor sends, change the wiring instructions on it,

0:03:19.320 --> 0:03:22.880
<v Speaker 1>change the payment information on it, and it looks completely realistic.

0:03:23.320 --> 0:03:26.880
<v Speaker 1>That's a very common one. Stolen identity that always remains

0:03:26.880 --> 0:03:27.720
<v Speaker 1>a really big one.

0:03:28.360 --> 0:03:30.720
<v Speaker 2>And what about some of the more sophisticated ones. I mean,

0:03:30.760 --> 0:03:34.720
<v Speaker 2>we read a lot now about pretty elaborate scams where

0:03:34.760 --> 0:03:37.360
<v Speaker 2>people have been really doing deep research and people get

0:03:37.400 --> 0:03:41.280
<v Speaker 2>compromised in other ways emotionally, logistically and otherwise.

0:03:41.960 --> 0:03:45.040
<v Speaker 1>Yeah, this is someone's job. Unfortunately, this is what people

0:03:45.080 --> 0:03:48.120
<v Speaker 1>do full time, so they do the research. And of

0:03:48.160 --> 0:03:51.560
<v Speaker 1>course there's tons of information out there about us, right,

0:03:51.880 --> 0:03:55.000
<v Speaker 1>there's lots of information about us personally. But if you're

0:03:55.080 --> 0:03:58.280
<v Speaker 1>a small business, particularly if you're a consumer facing small business,

0:03:58.280 --> 0:04:01.520
<v Speaker 1>you probably have all sorts of website pages up there,

0:04:01.840 --> 0:04:06.320
<v Speaker 1>including past ones. The scammers can very quickly go on LinkedIn,

0:04:06.360 --> 0:04:08.200
<v Speaker 1>they can go on social media, they can figure out

0:04:08.200 --> 0:04:10.920
<v Speaker 1>who all your employees are, they can figure out who's

0:04:10.920 --> 0:04:15.120
<v Speaker 1>in charge of the accounts and finances tech, if anyone

0:04:15.200 --> 0:04:18.400
<v Speaker 1>is monitoring your cyber they can learn who your vendors are.

0:04:18.800 --> 0:04:20.960
<v Speaker 1>And it's very hard, as you probably notice, scrub a

0:04:21.000 --> 0:04:22.080
<v Speaker 1>lot of that from the Internet.

0:04:22.640 --> 0:04:25.200
<v Speaker 2>Well, a lot of our small business clients don't want to.

0:04:25.240 --> 0:04:27.160
<v Speaker 2>I mean, these are small businesses they're trying to build

0:04:27.200 --> 0:04:29.400
<v Speaker 2>up their reputation. They're trying to build up a client base.

0:04:29.440 --> 0:04:31.160
<v Speaker 2>They need people to be able to find them.

0:04:31.640 --> 0:04:33.920
<v Speaker 1>That's why I think it's important to couple that awareness

0:04:33.960 --> 0:04:37.039
<v Speaker 1>that you have a public facing persona you have to

0:04:37.240 --> 0:04:39.679
<v Speaker 1>in order to run your business, but it is also

0:04:39.760 --> 0:04:42.560
<v Speaker 1>going to open you up to more targeting on a

0:04:42.600 --> 0:04:47.240
<v Speaker 1>personal side. For individuals, you see these romance scams or

0:04:47.279 --> 0:04:51.320
<v Speaker 1>what we call also pig butchering, which are basically like

0:04:51.360 --> 0:04:55.080
<v Speaker 1>investments or crypto scams. It can take months even years

0:04:55.120 --> 0:04:58.159
<v Speaker 1>to play out, but the payoffs are huge. Literally can

0:04:58.200 --> 0:05:02.240
<v Speaker 1>deplete someone's entire life savings millions of dollars. But this

0:05:02.360 --> 0:05:05.680
<v Speaker 1>shows the level of targeting that scammers and fraudsters will bring.

0:05:06.360 --> 0:05:08.479
<v Speaker 2>Let's talk about some of the things that people can

0:05:08.520 --> 0:05:09.160
<v Speaker 2>do about it.

0:05:09.680 --> 0:05:13.120
<v Speaker 1>There is a lot. I'd start with cyber hygiene. I mean,

0:05:13.160 --> 0:05:15.680
<v Speaker 1>first of all, even within your business, you should all

0:05:15.760 --> 0:05:18.760
<v Speaker 1>talk about it. Everyone should be aware that you're a target.

0:05:19.000 --> 0:05:22.040
<v Speaker 1>Talk about it with all of your employees. Right. Sure,

0:05:22.160 --> 0:05:25.080
<v Speaker 1>not all businesses have the resources to have a full

0:05:25.240 --> 0:05:28.000
<v Speaker 1>cyber program, but there's a lot of some fairly basic

0:05:28.080 --> 0:05:32.120
<v Speaker 1>things you can do. These include verifying all of your invoices.

0:05:32.680 --> 0:05:35.600
<v Speaker 1>You can regularly monitor your bank accounts, if you can

0:05:35.720 --> 0:05:38.760
<v Speaker 1>establish dual custody, to have an extra set of eyes

0:05:38.839 --> 0:05:42.679
<v Speaker 1>on payments, see if you can have maybe someone else

0:05:42.760 --> 0:05:46.800
<v Speaker 1>approving extra large purchases. In particular, The last thing I'll

0:05:46.839 --> 0:05:48.640
<v Speaker 1>say and answer to your question is have a plan.

0:05:49.320 --> 0:05:52.440
<v Speaker 1>I think a lot of people personally never believe that

0:05:52.480 --> 0:05:55.400
<v Speaker 1>they'll fall for a scammer fraud. Most businesses should be

0:05:55.400 --> 0:05:58.760
<v Speaker 1>thinking about a resiliency plan in general, like what happens

0:05:58.760 --> 0:06:01.560
<v Speaker 1>if they can open, if they're you know, climate issue,

0:06:01.640 --> 0:06:04.480
<v Speaker 1>whatever it is. It's not a question of if, assume.

0:06:04.520 --> 0:06:07.159
<v Speaker 1>It's more a question of when, and have a plan

0:06:07.240 --> 0:06:10.280
<v Speaker 1>for what you will do, Who you will contact, Who

0:06:10.360 --> 0:06:13.800
<v Speaker 1>at your financial institution or institutions you will contact if

0:06:13.839 --> 0:06:16.080
<v Speaker 1>you believe that there is a fraud or you may

0:06:16.120 --> 0:06:17.400
<v Speaker 1>have made an erroneous payment.

0:06:18.120 --> 0:06:20.880
<v Speaker 2>Can you talk a little bit about what banks, like us,

0:06:20.880 --> 0:06:23.400
<v Speaker 2>but other banks in general, are doing now to protect

0:06:23.440 --> 0:06:25.719
<v Speaker 2>people from these scams, because you know, we can't be

0:06:25.800 --> 0:06:27.760
<v Speaker 2>accountable for everything that happens in the world, but we

0:06:27.800 --> 0:06:28.640
<v Speaker 2>can certainly help.

0:06:29.440 --> 0:06:32.560
<v Speaker 1>So we are constantly monitoring all the various frauds and

0:06:32.600 --> 0:06:35.640
<v Speaker 1>the scams out there, and they're constantly changing. We inform

0:06:35.680 --> 0:06:37.640
<v Speaker 1>a lot of our risk rules, our risk rolls are

0:06:37.720 --> 0:06:40.120
<v Speaker 1>kind of dynamic, and we're always trying to sort of

0:06:40.160 --> 0:06:43.560
<v Speaker 1>update them and follow and block payments that don't look right.

0:06:43.680 --> 0:06:46.279
<v Speaker 1>But a very large part of it as well is education.

0:06:47.400 --> 0:06:50.160
<v Speaker 2>Last thing I want to talk about is new technology

0:06:50.360 --> 0:06:51.960
<v Speaker 2>on the scene, because I could see some of these

0:06:51.960 --> 0:06:55.880
<v Speaker 2>scams getting even more sophisticated. But also I could imagine

0:06:55.880 --> 0:06:58.200
<v Speaker 2>a world where it gives you tools to protect yourself

0:06:58.240 --> 0:06:59.279
<v Speaker 2>that didn't exist before.

0:07:00.200 --> 0:07:03.480
<v Speaker 1>Unfortunately, we're seeing the use of AI tools more and more,

0:07:03.800 --> 0:07:05.240
<v Speaker 1>and so you can think about it in a couple

0:07:05.240 --> 0:07:10.160
<v Speaker 1>different ways. The AI tools enable you to clone invoices,

0:07:10.400 --> 0:07:13.960
<v Speaker 1>clone websites a lot more effectively than we used to.

0:07:14.160 --> 0:07:16.640
<v Speaker 1>Right on a personal level, we've all seen it. You know,

0:07:16.680 --> 0:07:20.200
<v Speaker 1>the days of the old poorly written Nigerian print scam

0:07:20.360 --> 0:07:23.400
<v Speaker 1>like those are kind of laughably funny. Today you get

0:07:23.440 --> 0:07:26.280
<v Speaker 1>emails that look exactly like a major online retailer. They're

0:07:26.280 --> 0:07:29.440
<v Speaker 1>like perfect. The other place they're using AI tools that

0:07:29.440 --> 0:07:32.560
<v Speaker 1>we're seeing is in voice. So back to that. You

0:07:32.600 --> 0:07:34.360
<v Speaker 1>get a phone call from a vendor, it's someone that

0:07:34.400 --> 0:07:37.000
<v Speaker 1>you used to, it's going to sound just like them

0:07:37.000 --> 0:07:39.120
<v Speaker 1>because you can run your own voice through one of

0:07:39.120 --> 0:07:42.200
<v Speaker 1>these AI clones, and it's going to sound exactly like

0:07:42.240 --> 0:07:44.920
<v Speaker 1>someone you used to talking to on a personal level.

0:07:45.080 --> 0:07:46.520
<v Speaker 1>You may have seen it or heard of it with

0:07:46.520 --> 0:07:49.800
<v Speaker 1>an infamous grandparent scam of getting your call. Today people

0:07:49.800 --> 0:07:52.560
<v Speaker 1>are getting calls from their grandchild who's in jail and

0:07:52.600 --> 0:07:55.760
<v Speaker 1>in trouble, and it sounds exactly like their grandchild because

0:07:55.760 --> 0:07:58.280
<v Speaker 1>they're running it through these AI tools. Similarly, you can

0:07:58.320 --> 0:08:00.760
<v Speaker 1>do that with people that you do business with, so

0:08:01.240 --> 0:08:03.680
<v Speaker 1>be careful of who you're talking with on the other phone.

0:08:03.720 --> 0:08:07.440
<v Speaker 1>Are very wary of random calls that come up, especially

0:08:07.520 --> 0:08:12.480
<v Speaker 1>ones that have urgency or require you to act very quickly.

0:08:13.240 --> 0:08:16.480
<v Speaker 2>Do you think we can expect tools to come online

0:08:16.520 --> 0:08:18.600
<v Speaker 2>to help people prevent that? So will there be AI

0:08:18.680 --> 0:08:21.440
<v Speaker 2>detection tools and other things that come out into the marketplace.

0:08:22.160 --> 0:08:24.520
<v Speaker 1>Absolutely. I mean so we're already using a lot of

0:08:24.560 --> 0:08:27.440
<v Speaker 1>AI and machine learning, and the other thing we're doing

0:08:27.560 --> 0:08:30.200
<v Speaker 1>is we're taking a lot more time to really work

0:08:30.280 --> 0:08:34.920
<v Speaker 1>with government and with other entities, major retailers, the social

0:08:35.000 --> 0:08:37.160
<v Speaker 1>media companies. This is going to be something I think

0:08:37.240 --> 0:08:39.880
<v Speaker 1>you'll see publicly more and more in twenty five. You've

0:08:39.880 --> 0:08:43.000
<v Speaker 1>already seen some of it and just really trying to

0:08:43.280 --> 0:08:47.120
<v Speaker 1>get our arms around the tools that these scammers use

0:08:47.200 --> 0:08:49.040
<v Speaker 1>to contact our customers.

0:08:49.520 --> 0:08:53.319
<v Speaker 2>Well, be aware, make a plan exactly. Thanks very much, Darius,

0:08:53.360 --> 0:08:54.520
<v Speaker 2>it's great to have you on the show.

0:08:54.559 --> 0:08:55.679
<v Speaker 1>Thanks, Ben, appreciate it.

0:08:59.080 --> 0:09:02.200
<v Speaker 2>Thank you for listening. Fraud and scams can come from anywhere,

0:09:02.280 --> 0:09:04.600
<v Speaker 2>so please stay vigilant and have protocols in place for

0:09:04.679 --> 0:09:07.360
<v Speaker 2>your business to make sure you and your business stay safe.

0:09:07.880 --> 0:09:10.880
<v Speaker 2>I'm Ben Walter and this is the Unshakeables from Chase

0:09:10.920 --> 0:09:14.000
<v Speaker 2>for Business and Ruby Studio for iHeartMedia. We'll see you

0:09:14.040 --> 0:09:14.640
<v Speaker 2>back here soon.