I Was Scammed

(Opinion) — As technology grows more sophisticated, it is natural to assume the capacity to use that same technology to identify and prevent fraud would also grow equally robustly. As I recently found out for myself, however, that isn’t necessarily the case.

Yes, I, a businesswoman of color who considers herself financially savvy and ​“street smart,” found myself and URU The Right To Be, the nonprofit agency I founded and for which I serve as CEO, the unwitting victims of a serious fraudulent banking scheme.

I recently fell quite ill, enough so that I was admitted to the hospital for more than a week. During what was an extremely busy and stressful time for me and my staff, URU’s bank account was defrauded by a new type of scheme. Somehow, the perpetrator got his or her hands on a legitimate check — perhaps one that was issued as a payment to a legitimate vendor — then someone with graphic design skills altered the check details, such as the payee and dollar amount. They then produced multiple checks, all of which look perfectly authentic.

In our case, my electronic signature was on a check going out to a vendor, and we haven’t even been able to track who that vendor is. But what happened next, was truly something created by the proliferation of technology I referenced above.

In our case, my signature was on a check that went out to a vendor, which somehow fell into nefarious hands. Then the fraudulent checks this party created were written to various other individuals. They weren’t deposited in banks, but rather into a ​“fly-by-night” debit card account, from which the culprits began drawing funds. At first, the checks were written for $1,000, but once they realized their scam had worked and we were vulnerable, the amounts rose to $2,500. News of this came from URU’s bookkeeper, who had to contact me while I was still in the hospital, making it that much harder to manage the crisis.

Of course, our first action was to reach out to our bank, which was, quite honestly, not very helpful. The staff there acknowledged that they know this kind of fraud is occurring, but they fell short on ​“doing the work.” Once we addressed this with the bank’s fraud department, we were advised to call the police, which we did. We were informed by law enforcement that several New Haven nonprofits, most much larger than URU, had also been victimized by this scam — some more than once with the same bank!

These kinds of malicious scams are happening more frequently, even in New Haven, where nearly 60 percent of the city’s economy is made up of services, particularly education and health care. This includes the many small nonprofit organizations — many of which operated on shoestring budgets with minimal staff — that help provide vitally important services to some of the city’s most vulnerable and needy residents. While New Haven is, in many ways, a ​“small-town” city, it has ​“big-city” issues.

Tech-savvy criminals are good at this game. So how can innocent people and respectable organizations protect themselves against the fraud that is only made possible by the very ​“super-technology” most of us assume should protect us, rather than increase our vulnerability?

Here are some tips for small businesses to prevent fraud, offered by Chargeback:

• Implement fully documented fraud policies and procedures;
• Educate yourself and your employees about fraud;
• Keep recordkeeping consistent and accurate; include assets, inventory, and complete records, including, accounting, billing, etc.;
• Have a computer dedicated solely to your account needs. Monitor your use of social media and other recreational websites that can make your IT system vulnerable;
• Consider obtaining insurance to help recover full or partial losses from fraud;
• Have a sound password policy. This should include rules for setting up passwords, regular password updates, using different passwords for different systems, etc.;
• Secure your IT infrastructure and computerized assets; e.g., by investing in a firewall, installing antivirus and malware detection, keeping several file backups to restore function in the event of a cyber-attack;

For the average citizens, U.S. News and World Reports suggests the following, all of which are echoed by local law enforcement personnel:

• Write checks sparingly;
• Use only secure mailboxes for outgoing mail containing personal checks; e.g., those within your local post office. Be extra vigilant during tax time, when many people leave their IRS returns and payments in their mailboxes to be picked up by the U.S. Postal Service;
• Treat your checkbook like cash, because in the wrong hands, it’s the same thing;
• Balance your checkbook every month, paying careful attention to transactions and withdrawals.

My company and I follow these recommendations fully, and yet we still fell prey to this scam. I offer my own story and these suggestions as a cautionary tale to New Haveners and to our city’s businesses and agencies about fraud schemes only made possible through the proliferation of technology in our everyday lives.

What happened to me and my business could easily happen to you or to your organization. While writing this article, I literally spoke to six other companies in the New Haven area that have been hit by this scam. If it should happen, I urge you to act quickly to report it to your banking institution and the proper authorities. As my grandmother used to say, ​“An ounce of prevention is worth a pound of cure.” With this kind of fraud, it’s also worth a lot of grief, aggravation and financial loss!