Important alert: We have received reports of fraudsters impersonating Mechanics Bank employees. Please be aware that we will never call, text, or email you to ask for your password, personal information, or PIN details. If you receive a suspicious call, hang up immediately and contact us at 800.797.6324.  

Protect your business

Fraudsters are increasingly targeting small and medium size businesses instead of large corporations. Why? Because many smaller businesses do not believe they will be a target and may lack the proper security measures to prevent an attack.

We continuously work to protect your business. We use state-of-the-art security equipment and rigorous security protocols to protect against data breaches and intrusions into your information. 

But it's also important that we provide resources and actionable insights that you can use to help protect your business. Use the resources provided here to stay informed and educated. Together, we can identify and prevent fraud events.

Imposter scams

Imposter scams are a pervasive and varied threat that target small businesses, aiming to access sensitive data, personally identifiable information (PII), credentials, and financial resources. These scams often involve fraudsters masquerading as someone the business trusts. Here's a list of common imposter scams so you can identify red flags fast.

  • CEO Fraud/Business Email Compromise (BEC) - Scammers pose as company executives or high-ranking officials and send emails to employees, typically within the finance department, requesting urgent wire transfers, payment of invoices, or sending of sensitive employee information.
  • Check Fraud - Individuals and criminal operations steal checks and use chemicals to remove the ink on all lines except the signature line (“washing” the check). This allows them to change the amount or make themselves the payee. Then, they deposit or cash your check and steal your money.
  • Tech Support Scams - Fraudsters claim to be tech support from well-known companies, alleging they've found a problem with the business's computer or systems and require remote access or payment to fix the issue.
  • Vendor or Supplier Impersonation - Scammers impersonate a business's vendor or supplier, informing the company of a change in payment details to redirect funds to fraudulent accounts.
  • Government Agency Impersonation - Individuals pose as government officials claiming the business owes taxes, fines, or that it needs to comply with some regulations, demanding payment or sensitive information.
  • Utility Company Fraud - Imposters claiming to represent utility companies threaten to cut off services like electricity, water, or internet unless an immediate payment is made.
  • Legal Authority or Law Enforcement Scams - Fraudsters pose as law enforcement or legal representatives, alleging that the business is under investigation or part of legal proceedings, and demand information or payment to resolve the issue.
  • Bank and Financial Institution Imposters - Scammers contact businesses pretending to be from their bank or another financial institution, claiming there's a problem with their account and requesting credentials or financial information to "resolve" the issue.
  • Tax Scams - Impersonating tax authorities (such as the IRS in the United States), fraudsters claim the business has unpaid taxes and faces penalties or legal action unless they make an immediate payment.
  • Payment Processor Scams - Scammers pose as representatives from payment processing companies (like PayPal) claiming there are issues with transactions, requiring login details or payment to fix supposed issues.
  • Fake Job Postings and Employment Scams - Fraudsters pose as job applicants or recruitment agents to gain access to business systems or to perpetrate payroll fraud.
  • Charity and Donation Scams - Imposters claim to represent charitable organizations, especially after natural disasters or during holiday seasons, to solicit donations from businesses.
  • Phishing and Spear Phishing - A broad category of imposter scams where fraudsters use emails, messages, or phone calls to impersonate legitimate institutions or individuals to steal data, credentials, or install malware.
  • Angler Phishing - A specific type of phishing that exploits social media interactions, where scammers create fake customer support accounts to intercept and respond to customer queries directed at businesses.
  • Deepfake Impersonation - An emerging threat where AI-generated audio or video is used to create highly convincing fake communications from trusted individuals, such as CEOs or business partners, to manipulate employees or executives into transferring funds or divulging sensitive information.

Understanding Data Breaches

Data breaches have become a significant concern for businesses of all sizes, across all sectors. Learn about the impact they cause and how you can safeguard your business.

Learn more

Protect your business from scams

Now that you have an idea of business imposter scams, learn about these security steps you can take to help safeguard your business cybersecurity:

  • Perform periodic risk assessments to evaluate controls.
  • Monitor your accounts closely on a daily basis.
  • Install and use spam filters.
  • Educate yourself and your employees about corporate account takeover and other types of schemes.
  • Be sure to install all security updates for your operating systems and other applications.
  • Don't respond to or open attachments or click on links of unsolicited emails. When in question, contact the source directly to verify authenticity.
  • Be wary of pop-up messages claiming your machine is infected and offering to fix the problem. These are often vehicles to install malware.
  • Install and maintain device upgrades, anti-virus, anti-spyware, anti-malware and firewalls. Set them to update automatically.
  • Maintain up-to-date cybersecurity measures, including anti-phishing solutions.
  • Regularly backup data and have an incident response plan in place.
  • Switch to secure electronic payment methods (ACH, online banking bill pay).
people sitting in a meeting

Positive Pay Services (ACH and Check)

Business checking accounts are often targets for fraudulent activity. With our Positive Pay solutions, you have the control to pay only those electronic items that you have preauthorized and checks that match the issue file you supply the bank, while having the option to review and validate the items that don’t match.

Learn more

Fraud Prevention Checklist


Use this checklist to help guide the effectiveness of your internal controls to help identify areas of your business that may be vulnerable to fraud. 

  • Is ongoing anti-fraud training provided to all employees of your organization?
  • Is an effective fraud reporting mechanism in place?
  • Is it possible fraudulent conduct is aggressively sought out, rather than dealt with passively?
  • Are fraud risk assessments performed to proactively identify the organization’s vulnerabilities to fraud?
  • Are strong anti-fraud controls in place and operating effectively?
  • Does the internal audit department, if present, have adequate resources and authority to operate effectively and without undue influence from management?
  • Are employee support programs in place?
  • Is an open-door policy in place that allows employees to speak freely about pressures?
  • Are regular anonymous surveys conducted to assess employee morale?