The commercial fraud and online safety resource center
If you suspect you've been targeted by fraud, call the First Financial Bank Business Support Center (BSC) at 866.604.7964.
Fraud leads to lost time, profit, and productivity. The best defense against fraud is preparedness. First Financial Bank monitors the latest fraud trends and tactics scammers use so you can keep your organization safe.
The 2025 fraud best practices checklist
An average of 80% of organizations are victims of payments fraud attacks every year.1 We've put together a monthly breakdown of tips and strategies to help your organization be proactive about fraud prevention. Here's a preview:
- Create and define a payment policy to mitigate fraud vulnerabilities
- Prioritize electronic payments instead of less secure physical checks
- Utilize fraud mitigation services
Stay alert: fraud trends
- Phishing
- AI and deepfakes
- Payment fraud
- Internal fraud
Phishing attacks take many shapes, but they all start the same general way. You’ll receive an email or a text that looks like it is from someone you know or don’t know asking you to click a link. How phishing works:
- You get an email or text from someone you know (or don’t know) asking you to click on a link, provide banking information, a password, or other sensitive information.
- The message looks authentic and can convey a sense of urgency.
- After clicking the link, you may be asked to provide confidential information such as banking information, a password, or other content.
- It's also possible that the link was infected and installed malware (malicious software) on your device without your knowledge. The malware will record your sensitive information whenever you use the device in your daily activity.
- The malware can infect not only the device of the person who clicked the infected link, but can infect entire systems and networks.
Protect your organization by ensuring your employees know:
- Never click an unsolicited link or share sensitive information over email or text.
- If you are suspicious of an email or text, double check the sender’s email address or phone number and compare it to the trusted contact information you have on file.
- Contact the group or individual that sent the email or text directly by using the contact information you already have on file and validate the request.
- Rest assured that requesting validation of suspicious or unexpected requests is standard risk mitigation practice.
Artificial intelligence tools are more advanced than ever before. These tools make it easier for criminals to deceive their targets and broaden their reach businesses of all sizes. Here’s what to watch out for:
- Suspicious images, videos, or voice calls impersonating executives, managers, or other people you are working with.
- Artificially generated invoices, contracts, or bank fraud alerts aimed to capture sensitive information.
- Sophisticated fake websites pretending to be from services or banks your organization has a relationship with.
Protect your organization:
Artificial intelligence tools are more advanced than ever before. These tools make it easier for criminals to deceive their targets and broaden their reach businesses of all sizes. Here’s what to watch out for:
- Establish secret phrases to confirm the identity of the person and the validity of their request.Artificially generated invoices, contracts, or bank fraud alerts aimed to capture sensitive information.
- Adopt dual controls so that no one individual can perform a request for scammers.
- Validate all requests for payment or passwords with the person who made the request by contacting them directly by using information you already have on file.
Payment fraud is when criminals use stolen or false information to gain access to funds and accounts or to make unauthorized payments. The most common forms of payment fraud are:
Check fraud
Surprisingly, 92% of organizations continue to use checks to pay their vendors.2 Checks present a few unique security challenges that organizations should be aware of. Some of the most common forms of check fraud are:
- Check washing, which refers to the process of stealing a check, erasing the ink, and either writing a higher value to a different recipient or duplicating and selling the blank checks. Protect your organization by writing checks with permanent ink, retrieving your mail frequently, dropping mail directly inside your post office, and using electronic forms of payment instead.
- Counterfeit checks, which can be created when someone gains access to your routing and account number and accesses your funds without your consent.
- Mail theft, which can allow criminals access to account numbers or other personal information that can then grant them unauthorized access to accounts and funds.
- Deposit theft, which occurs when criminals take a legitimate check and deposit it into a bogus business. Wire fraud and cash-back scams:
Business Email Compromise:
Scammers have sophisticated methods of impersonating known businesses and individuals via email. These methods are used to request payment, either to false accounts or through links to fraudulent websites that will install malware and give the criminals access to sensitive information.
- Don't use email as payment instruction. Always verify payment requests by calling a trusted number, setting up security phrases, and setting up dual control for payment initiation.
Unfortunately, a high risk of financial loss exists inside your organization from your own employees. Common vulnerabilities include:
- Inefficient processes that keep terminated employees on accounts.
- Outdated account limits or restrictions.
- Lack of oversight through multi-layer approvals.
- Manual data without automated checks to catch errors.
How to protect your organization:
- Review accounts, users, and admins regularly—at least annually if not more often.
- Consider digital platforms that run reports to alert you to discrepancies in records.
- Set up multi-factor authentication for accounts so that no one person can single-handedly move funds without oversight.
- Perform separation of duties analysis across your financial operation.
Information hub
Fraud mitigation services
As a bank we deliver services that are proven to help combat fraud and mitigate loss. Learn more, and ask your banker what makes sense for your organization.
1 "2025 AFP Payments Fraud and Control Survey Report;" Association for Financial Professionals. https://www.afponline.org/training-resources/resources/survey-research-economic-data/details/payments-fraud.
2 "Making the Switch: Moving from Checks to Digital Payments;" Association for Financial Professionals. https://www.afponline.org/training-resources/resources/articles/Details/making-the-switch-moving-from-checks-to-digital-payments.