Using corporate cards comes with risks that you and your business should be aware of. Here are some tips to have in mind and guidelines to implement for everyone in your business who uses corporate cards to make payments at physical points of sale.

• Always keep corporate cards and card details secure by not leaving these unattended – never lend your card to somebody else.
• Limit employees’ access to the business’s corporate cards.
• Educate cardholders regularly about being vigilant when they use their corporate card at a physical point of sale.
• Never write the PIN down or reveal it to others.
• Always cover the keypad when you enter the PIN.
• Be aware of your surroundings when you withdraw money, ensuring no one is looking over your shoulder, and never have the card’s PIN written down on a note.

To protect a business from financial crime, there should be clearly defined procedures and processes governing payments and transfers. Below, you will find some advice on how to protect your business.

• Check the bank details of the receiver multiple times and ensure the payment or transfer is being made to the correct bank account.
• Fraudsters typically take advantage of a hectic workday or they strike during holiday periods and other situations when managers or other senior employees are likely to be away. So be particularly on the alert for emails, text messages or phone calls at these times.
• Be on the lookout for changes in or unusual invoices and payment requests from unknown suppliers.
• Verify invoices before issuing payments to avoid becoming a victim of invoice fraud.
• Always validate new or changed beneficiary account details by making a phone call to a trusted contact (single point of contact (SPOC)) or from the official website.
• Make sure that the right procedures for transfers and payments are always followed and avoid using any contact details stated on the invoice – use the contact channel you normally use.
• Use the security options in District to receive notifications for important transactions on the business’s accounts or set up two-user authentication of all invoice payments – this can help prevent fraud.
• If you want us to assist you with a payment or if you have questions regarding a payment, please contact us through eBanking or District.

Making purchases and transfers online is easy, which makes it easy for fraudsters as well. Remember to ensure that your business’s online security procedures are in place to reduce the risk of fraud.

• If you need to visit a website, you should enter the web address directly in the browser’s address bar rather than clicking on provided links – unless you have verified that they the links are genuine.
• Check that the vendor’s website also lists a physical address, email address and telephone number. If there is no contact information, the website may be a scam.
• Be wary of ads that offer unbelievable deals or miracle products – if it sounds too good to be true, it probably is!
• Check your trading partner’s website to make sure it is genuine and that the information it provides matches what you know about them.

Always monitor activities on bank accounts and educate employees to stay alert for unusual transactions. The advice provided below may help you prevent suspicious activity on your business's accounts.

• Check account movements regularly and be aware of any suspicious transactions that you cannot recognise.
• Use the security options provided in our eBanking solution District, such as managing payment limits and receiving notifications about balances and payments above a certain amount.
• Contact your bank immediately if you detect any unusual transactions.
• Block your card if you suspect any fraud on your corporate card.
• If there are transactions on your account that you do not recognise or accept, you should submit a dispute on card related transactions.
• If the transaction you do not recognise or accept is a transfer, please contact us on +45 70 123 456.

A common tactic used by fraudsters is social engineering, and many security breaches occur when employees unwittingly click on unsecure links or hand over passwords or confidential information on channels that are not secure. So always stay vigilant when you receive emails, text messages and phone calls. Follow the advice below to reduce the risk of social engineering attacks.

• Educate your employees to be careful when they disclose confidential or personal information over the phone or by text or email – even if the request seems genuine. Danske Bank will always ask that sensitive information be provided only via secure channels such as eBanking or District.
• Implement a support process so that phishing emails can be reported – early reporting means that quick action can be taken to reduce exposure to risk.
• Never open suspicious links or attachments received via email. Be particularly wary if you open personal emails on one of the business’s computers.
• Be wary if the email has poor spelling or grammar, and double-check the authenticity of the sender. If a message says it is from Danske Bank but you think it may be suspicious, you should contact us on +45 70 13 30 00 or via eBanking or District.
• If you have any misgivings about an email or text message, you should delete it immediately. If it claims to be from a sender who you know, contact that person directly on the phone number you would normally use – do not use the number given in the email or text message.
• Be wary if you receive an urgent-request email, text message or phone call from someone in a senior management position who you are not normally in contact with. This is a sign of CEO fraud.

Read more about fake emails, text messages and fake phone calls.