Subscribe

Strategic Advice How to defend against ACH fraud

How to defend against ACH fraud

In the 1970s, the Federal Reserve created the Automated Clearing House (ACH) system to process payments electronically and lessen dependence on paper checks.

Today, billions of electronic funds transfers (EFTs) occur annually on the ACH system. In 2024 alone, the system processed an average of 33.6 billion transactions that encompassed everything from payroll and direct deposit to services like PayPal and Venmo.Disclosure 1

This high volume and variety makes corporate ACH payments prime targets for fraudsters. In the 2025 AFP Payments Fraud and Control Survey Report, nearly 40% of respondents said their company’s ACH debits were the subject of payments fraud in 2024.

Key concepts

In this article, we’ll explore:

  • What ACH fraud is and how it happens
  • Suggested strategies to prevent ACH fraud
  • How Truist can help protect your business against fraud

Video: An introduction to ACH fraud

Component ID : "accordionGridLayout-217370434"
Model : "disclaimer"
Position : "left"

[Fraud prevention 101: ACH fraud] [Truist logo]

[ACH fraud: ACH fraud is one of the fastest-growing types of fraud. Find out how we can help you stay one step ahead.]

Narrator: ACH fraud is one of the fastest-growing types of deception techniques, especially as criminals create more sophisticated scams and use the latest technology to their advantage. A common trick is to infiltrate a vendor’s contact information and respond to a previously sent message so it appears to be part of the same chain or thread.

Some even use details from social media to make the email, text, or online message seem like it’s coming from a trusted contact.

One of the best ways to prevent fraudulent transactions is to have close relationships with vendors.

Check in with them to verify any unusual or first-time requests, changes in contact information or remittance addresses, or changes in wiring or ACH instructions. Whenever possible, confirm any change with two sources.

Monitoring incoming ACH payments is just as critical. Truist offers fraud prevention services that allow you to block or review ACH debit transactions before they deposit to your account.

We also offer a Universal Payment Identification Code, which gives you masked account numbers for receivables to help prevent unauthorized charges to your account.

It can be good to remind everyone within your organization that time spent reviewing ACH transactions upfront can reduce time spent rectifying problems later.

How does ACH fraud happen?

ACH fraud occurs when fraudsters use the ACH Network to steal funds via unauthorized transactions. Examples include:

  • Unauthorized transfers from a victim’s bank account
  • Payment for goods and services scammers have sent to themselves
  • Withdrawals using stolen debit card numbers
  • Scheduling automatic bill payments to a fraudster’s account

ACH fraud relies on social engineering scams such as corporate phishing and business email compromise (BEC). Fraudsters pose as trusted employees, associates, financial institutions, or federal agencies. They trick employees into sharing corporate bank account information they can use to move company funds into their accounts.

Scammers tend to direct ACH fraud scams at midsize and smaller businesses, believing they’re less likely than larger companies to have strong cybersecurity programs.

The 2025 AFP Payments Fraud and Control Survey Report found that ACH credits fraud was second only to wire transfer fraud as the largest source of BEC scam activity in 2024—rising to 50% from the previous year’s 47%.Disclosure 2

Good news: New ACH rules help combat fraud.

In 2024, members of the organization governing the ACH Network, Nacha, passed new protocols to minimize incidences of one of the leading methods used to target ACH transfers.Disclosure 3 The new rules help combat the use of BEC to exploit credit-push payments by implementing a base level of payment monitoring for all participants in the ACH Network.

Two pie charts and one table provide info that pertains to ACH fraud, the information for each of which is sourced from the “2025 AFP Payments Fraud and Control Survey Report.” The heading for the single, rectangular image containing all three graphics reads “ACH fraud by the numbers.” On the left-hand side of the rectangular image containing all three graphics, the two pie charts are placed side by side. A subhead above both pie charts reads “ACH fraud as a percentage of all forms of payment fraud in 2024.” On the bottom edge of the leftmost pie chart is a label that reads “ACH debits.” Inside the pie chart is a violet-colored section of the circle partitioned off from a larger lilac section. Within the violet segment is the text: “38%.” On the bottom edge of the second pie chart from the left margin of the graphic is a label that reads “ACH credits.” Inside the pie chart is a violet-colored section of the circle partitioned off from a larger lilac section. Within the violet segment is the text: “20%.” To the right of the second pie chart is a dividing line that cuts vertically down the middle of the image. On the right-hand side of that dividing line is a table. The table has four vertical columns, three horizontal rows, and is titled “Targeting of ACH transactions using business email compromise (BEC) fraud.” Moving left to right and top to bottom, the three entries in the first, left-most column read: • ACH use in business email compromise fraud • ACH debits • ACH credits Moving left to right and top to bottom, the three entries in the second column from the left margin of the table read: • 2024 • 26% • 50% Moving left to right and top to bottom, the three entries in the third column from the table’s left margin read: • Annual revenue less than $1 billion • 23% • 68% Moving left to right and top to bottom, the three entries in the final column forming the table’s right margin read: • Annual revenue at least $1 billion • 26% • 43% Just beyond the bottom border of the rectangular image containing the two pie charts and the one table is a footnote. That note indicates all information provided in each pie chart and the table is sourced from the “2025 AFP Payments Fraud and Control Survey Report.”

Did you know? ACH Blanket Block stops all ACH debit attempts.

ACH Blanket Block is a fraud control solution we offer here at Truist. If there’s an account you don’t use for ACH transfers, request an ACH Blanket Block. If anyone tries to debit money from the account, their request will automatically bounce back—no monitoring required. Talk to your Truist relationship manager to learn more about ACH Blanket Block.

Best practices and prevention

Mitigating the risk of ACH fraud starts with creating a proactive and strong defense plan. Here are some strategies that can help you and your team prevent ACH fraud at your organization.

Prioritize employee training.
Teach your staff how to spot password theft and social engineering fraud, two of the most common scams used to obtain ACH information. Stress the importance of keeping company information private. Running a mock phishing campaign can help your IT team identify weak points in your defenses—and give your employees more confidence to handle a real-world scenario.

Update protective protocols.
Layering protocols can multiply their protective effect. Consider implementing transaction limits, review periods, and dual controls (where two or more employees must approve each transaction). You could even opt to use a credit-only account that accepts deposits but doesn’t permit debits. For updates on the latest ACH news and risk management tools, subscribe to Nacha’s ACH Network newsletter.

Boost your tech defenses.
On the macro level, you’ll want to update every employee’s antivirus software regularly to help block malware and spam. On the micro level, implement multifactor authentication for all ACH payments. For an extra layer of security, ask your Truist relationship manager about a Universal Payment Identification Code (UPIC), an account number alias you can distribute to your partners.

Talk to Truist.
Are you taking advantage of all the fraud control options available to you? Contact your Truist relationship manager to learn about our ACH fraud control solutions, including ACH Blanket Block and UPIC. These tools can help your employees reduce risk, make informed decisions, and act quickly to stop or minimize losses.

FAQ on ACH fraud

Component ID : "faq-1301646222"
Model : "faq"
Position : "left"

Yes. While both are electronic forms of fraud, funds stolen via wire transfer are sent directly from party to party without passing through the ACH network and its layer of fraud protection.

We provide several solutions that can help reduce the risk of ACH fraud for your business. These include ACH Fraud Control, ACH Blanket Block, and UPIC. Ask your Truist relationship manager or treasury consultant to explore your options and find the right solutions for your business.

Truist’s ACH Fraud Control helps prevent unauthorized and erroneous transactions. You can set parameters for transactions (such as upper limits), customize your protections, and receive detailed reports on ACH account debits.

Truist’s ACH Blanket Block prevents all ACH activity on one or more accounts of your choosing. Any attempted debit or credit transaction would be returned to the originator automatically—without ever touching your account.

A UPIC, or Universal Payment Identification Code, is a unique code you can give to partners, vendors, and suppliers. It allows them to send you electronic payments without using your actual bank account details. This reduces the risk of your account number being exposed in a data breach.

Yes, but the process is time sensitive. Nacha maintains a two-day return deadline for business accounts from the date of the initial fraudulent transaction. If an illicit debit obtained through a BEC is identified, notifying the receiving bank as quickly as possible increases your chances of successfully placing a hold on those funds and getting a return.

To report ACH fraud related to a Truist account, you can call us at 844-4TRUIST (844-487-8478). You can also contact your relationship manager or treasury consultant. Learn more about reporting fraud at Truist.

Turn to professionals for protection.

To learn more about cybersecurity threats and the various types of fraud facing your organization, connect with one of Truist’s relationship managers.

Truist Purple PaperSM Digital Transformation

Learn how you can put advanced technology to work for your business.

 
Download the Purple Paper (PDF)
Client stories

Supporting a future-focused advisory firm through accelerated growth

Helping a repair service entrepreneur flip the switch on business transition

Paving the way to growth for an infrastructure innovator

See all Client Stories

Related resources

    {0}

    {0}

    {2}
    {6}
    {7}
    {8}
    {9}
    {12}
    {10}
    {11}

    {3}

    {1}
    {2}
    {6}
    {8}
    {9}
    {10}
    {11}
    {14}
    {12}
    {13}
    {1}
    {2}
    {7}
    {8}
    {9}
    {10}
    {11}
    {14}
    {12}
    {13}

    Stay informed and get connected

    Looking for fresh thinking and new insights to help uncover opportunities for your business needs?

    Connect with a Relationship Manager

    Work with a partner who sees your vision and has the resources to help you achieve it. We’re ready to focus on the specific needs of your company—and where you are in your business lifecycle.

    *This form is for prospects. Truist clients should contact their relationship manager with inquiries related to commercial products and services.

    Contact us

    Helpful links

    Business Insights
    Truist Business Lifecycle Advisory
    Business Resource Center
    Sign up for monthly articles on Business Insights

    Sign up to receive our business insights, thought leadership, and client success stories that can help inspire your next bold business move.

    Please enter a first name
    Please enter a last name
    Please enter a valid email address
    Please enter a company name
    I'm also interested in: Please select a campaign option
    Component ID : "accordionGridLayout-1396148670"
    Model : "disclaimer"
    Position : "left"

    Disclosure 1ACH payments fact sheet,” Nacha, 2025.

    Disclosure 22025 AFP Payments Fraud And Control Survey Report,” Association for Financial Professionals, April 2025.

    Disclosure 3Nacha Approves New Rules to Combat Credit-Push Fraud,” Consumer Financial Services Law Monitor, March 22, 2024.

    Disclosures

    Truist Bank, Member FDIC. © 2025 Truist Financial Corporation. Truist, the Truist logo, Truist Purple, LightStream, and the LightStream logo are service marks of Truist Financial Corporation.

    Equal Housing Lender

    Investment and Insurance Products:

    • Are Not FDIC or any other Government Agency Insured
    • Are Not Bank Guaranteed
    • May Lose Value

    TRUIST is a service mark of Truist Financial Corporation (Truist) and its affiliates.

    Services provided by Truist Financial Corporation (Truist) affiliates: Banking products and services, including loans and deposit accounts, provided by Truist Bank, Member FDIC. Trust and investment management services provided by Truist Bank. Securities, brokerage accounts and/or annuities offered by Truist Investment Services, Inc., an SEC registered broker-dealer, and member FINRA and SIPC, and a licensed insurance agency. Investment advisory services offered by Truist Advisory Services, Inc. and GFO Advisory Services, LLC, SEC registered investment advisers. Some insurance products offered by Truist Investment Services, Inc. Other insurance products offered by Marsh & McLennan Agency, LLC (as successor in interest to McGriff Insurance Services, LLC) CA License #0H18131, Kensington Vanguard National Land Services, and Crump Life Insurance Services. Truist Life Insurance Services (TLIS) is a division of Crump, Arkansas License #100103477. Variable insurance material is for broker-dealer or registered representative use only. Variable products distributed by P.J. Robb Variable, LLC, Arkansas License #100110185. Member FINRA.

    Marsh & McLennan Agency LLC, Kensington Vanguard National Land Services, Crump Life Insurance Services, Truist Life Insurance Services, and P.J. Robb Variable, LLC are not affiliated with Truist Financial Corporation or any of its subsidiaries.

    Truist Securities is a trademark of Truist Financial Corporation. Truist Securities is a trade name for the corporate and investment banking services of Truist and its subsidiaries. All rights reserved. Securities and strategic advisory services are provided by Truist Securities, Inc., member FINRA and SIPC. Lending, financial risk management, and treasury management and payment services are offered by Truist Bank.

    Mortgage products and services are offered through Truist Bank. All Truist mortgage professionals are registered on the Nationwide Mortgage Licensing System & Registry (NMLS), which promotes uniformity and transparency throughout the residential real estate industry. Search the NMLS Registry.

    Comments regarding tax implications are informational only. Truist and its representatives do not provide tax or legal advice. You should consult your individual tax or legal professional before taking any action that may have tax or legal consequences.

    "Truist Advisors" may be officers and/or associated persons of the following affiliates of Truist, Truist Investment Services, Inc., and/or Truist Advisory Services, Inc. Truist Wealth, International Wealth, Center for Family Legacy, Business Owner Specialty Group, Sports and Entertainment Group, and Legal and Medical Specialty Groups are trade names used by Truist Bank, Truist Investment Services, Inc., and Truist Advisory Services, Inc.

    Applications, agreements, disclosures, and other servicing communications provided by Truist Bank and its subsidiary businesses will be provided in English. As a result, it will be necessary for customers to speak, read and understand English or to have an appropriate translator assisting them. Please note that Truist provides translations of webpages, documents and disclosures as a courtesy and in the event of any inconsistencies or discrepancies between the English content and the translated content, the English content supersedes the translation. Truist offers phone support in Spanish at 844-4TRUIST (844-487-8478), option 9. For assistance in other languages, please speak to a representative directly.

    New York City residents:

    Translation or other language access services may be available. When calling our office regarding collection activity, if you speak a language other than English and need verbal translation services, be sure to inform the representative. A description and translation of commonly-used debt collection terms is available in multiple languages at http://www.nyc.gov/dca.

    Borrowers with Limited English Proficiency (LEP) needing information can use the following resources:

    The Consumer Finance Protection Bureau (CFPB) also provides additional resources for homeowners seeking payment assistance in select languages at: https://www.consumerfinance.gov/housing/housing-insecurity/help-for-homeowners/

    Site footer

    Footer Navigation

    Banking products
    About Truist
    Resources
    Support

    © 2025, Truist. All Rights Reserved.