It has come to our attention that two of our regions and one of our S/P/Ns have recently been victims of fraud attempts. There are myriad ways fraudsters can get information online. (Per federal regulations, nonprofit information filed with the Internal Revenue Service is a matter of public record.) How can you protect yourself and Alpha Delta Kappa?
Alpha Delta Kappa International and the Foundation have trusted and used United Missouri Bank (UMB) for decades. We asked Senior Advisor Anne Bowman for advice:
Check, ACH, and wire fraud continue to rise, and being alert to these fraudsters’ methods is important
In terms of best practices, I would emphasize a few things. Your groups should not initiate any form of payment without verbally confirming the request is valid with an authorized person. A quick phone call (making sure you have their correct phone number, and not just a number on the correspondence) can go a long way to avoiding malicious attempts on an account.
Always require dual control on any wire payment. You should have an internal dual control policy, as well as dual control set up with the bank. The safest strategy would be a policy of no wires.
I would also suggest any changes relating to payments be verified. Even if a vendor sends you a request to change a payment address, you should call the vendor to verify.
Another good practice is to review the email address on any request for payment. It may look similar, but on closer inspection, you can see it does not match the actual address.
Finally, just be alert and be suspicious of everything. If someone is pushing you to make a payment, don’t be rushed. Take the time to verify anything that might not seem quite right.
Certainly, fraud should be reported to the bank which initiated the payment. You may also want to contact the police department and local FBI office.
As it relates to retrieving the funds, you should be working with the sending bank. Most times, with outgoing wires, when the money leaves the bank, you won’t see it again. It’s often sent to another bank, and then immediately wired out of that bank to an overseas bank.
Everyone should be reviewing their account daily online and be alert to any suspicious activity.
United Missouri Bank Security Resources:
NACHA (National Automated Clearing House Association) website—The governing body for the ACH system.
**IRS Phishing scheme**
Furthermore, we have learned that there are 990-N e-Postcard phishing schemes out there, where chapters are getting emails disguised as if they are coming from Headquarters with a link to file the 990-N e-Postcard. The link is to a false IRS site, and when they try to file it tells them they either owe money to the IRS or have to pay money to file. It is a scheme to get credit card numbers. We are income tax exempt and none of our chapters owe income taxes unless there are very special circumstances. YOU SHOULD NEVER BE CHARGED TO FILE THE 990-N E-POSTCARD. IF YOU HAVE CONCERNS, PLEASE CONTACT INTERNATIONAL HEADQUARTERS (firstname.lastname@example.org or 800-247-2311).
The IRS has seen an approximate 400 percent surge in phishing and malware incidents. The IRS does not initiate contact with taxpayers by email to request personal or financial information.
The IRS also does not email 990-N e-Postcard confirmations any longer.