Opt-in for two-factor authentication
If your bank offers it, sign up for two-factor authentication, which will require you to take an extra step to sign in to your account from an unfamiliar device. For example, you might have to copy a security code that’s sent to your phone or email.
Be cautious when checking emails. You may receive an email that looks like it’s from your bank or another trusted company, but is actually a trick. These phishing emails may ask you to sign in to your account (they could even direct you to a website that looks just like the bank’s website) or email back personal information, and then use that to log in to your account and steal your money. Ignore suspicious emails, or you can call your bank if you’re unsure about an email you receive. Always use the phone number on the back of your debit or credit card or on the bank’s official website and don’t rely on information from an incoming email.
Keep antivirus software updated. Make sure your computer has antivirus software, regularly check for software updates and scan your computer for infections. Change your banking password — and other online account passwords — if you find a virus.
Manage risk and fraud
Running a business carries inherent risks. Identifying and mitigating these risks will enable your small business to continue thriving. Fraudsters are constantly evolving new attacks and schemes, some of which target small businesses.
Preventing payment fraud
When setting up payment acceptance, several platforms (including our partners) offer fraud mitigation modules. Ensure these are enabled and configured. Example features to look for include limiting transaction amounts, number of transactions within a timeframe, enabling CVV checks (the 3 or 4 digit numbers on the back of cards), AVS checks (address verification services), and transaction risk scoring. Accept tokenized payments such as Apple Pay, Google Pay, and Samsung Pay. Tokenized transactions are proven to reduce fraud by replacing card numbers with unique tokens representing card numbers. Consider customer identification verification platforms. While some are features are embedded in payment platforms, other services that analyze consumer information such as email account age and IP address tracking may help to flag additional fraudulent transactions.
Reduce internal payment risks
If you have a small business credit card, check with your issuing bank to see if they offer platforms to help control spending and usage, similar to Visa Payment Controls. This will help especially if you have employees that are charging business expenses. In addition, carefully track your small business's finances and expenses will help ensure you are not subject to fraud and internal theft. Visit Visa’s Payment Controls site for more details.
Risks and fraud attacks beyond payments
Beyond financial and payment risks, businesses should be prepared to address a variety of risks both internal and external. Internal risks are typically weaknesses that may be overlooked internally to your business such as equipment malfunctions, employee-related issues like theft, and even cash flow issues. External risks are typically out of your control and difficult to prepare for such as cyber security threats, shifting competitive landscapes, and litigation suits. While there is no one size fits all solution, do research common risks and approach them with a calculated methodology. Depending on your risk tolerance, you may decide to invest time in mitigation tactics, additional systems, and different types of business insurance.