While fraudulent activity involving checks declined, fraud involving cards took off. Forty-three percent of respondents experienced fraud or attempted fraud involving credit or debit cards last year, up from 29% in 2012.

“That's the one that stands out, the rising fraud in cards,” Carlsson said, noting that the increase occurred even though the survey shows the use of cards for business-to-business (B2B) payments declined between 2012 and 2013.

Fraudsters that previously targeted checks may have switched to cards, Carlsson said. And U.S. companies continue to use cards that are lacking from a security standpoint, since the EMV chip-and-pin cards that are now standard in many parts of the world haven't yet been implemented here, he noted. “So it may be a trend that's even migrating from overseas.”

Chip-and-Pin to the Rescue

Cards using EMV technology are due to replace the current cards, which use magnetic stripes, in the U.S. by October 2015, and the survey respondents were generally optimistic about that development. Twenty percent expect the switch to EMV cards to result in a major reduction in card fraud, while 72% expect some reduction. Just 8% predicted the new technology will have no effect on the level of fraud.

But in Whac-A-Mole fashion, about two-thirds of respondents think the anticipated decrease in card fraud brought about by chip-and-pin cards will result in an uptick in some other type of payment fraud. Fifty-four percent predict an increase in check fraud, 27% a rise in fraud involving ACH debits, 10% an increase in fraud related to wire transfers, and 8% an increase in ACH credit fraud.

“The fraudsters will go after the easiest one,” said Carlsson, pictured at left. “You just have to stay on top of them.” He noted that other countries that have implemented EMV have seen a decrease in card-present frauds but a pick-up in fraud involving transactions in which cards aren't physically present, like online or over-the-phone sales.

Companies seem to be pushing back hard against payment fraud, a development the report links to the huge data breaches that Target and Nieman Marcus reported late last year. Twenty-nine percent of the respondents said they have adopted more security measures, and another 34% said they plan to do so in the near future.

The efforts to bolster security may also reflect the fact that in October 2015, the liability for fraudulent transactions made on a point-of-sale terminal that is not fully EMV-capable will shift from card issuers to the companies that accept credit or debit cards from customers. Twenty-two percent of companies that accept cards from customers said the change will have a significant impact on their investment in card-fraud security measures, while 50% said it will have some impact on their investment.

Asked about current methods of securing customer data and company accounts, 74% said they perform daily reconciliations of the company's transactions, while 73% are reviewing and strengthening internal procedures and controls. Almost half (49%) said they are adopting a stronger method of authentication or adding layers of security to requirements for accessing bank services, and 44% are making sure the company's disaster recovery plans include provisions to maintain strong controls around accessing networks.

Other methods of payments aren't immune from fraud. Twenty-two percent of the finance practitioners surveyed said they experienced actual or attempted fraud involving ACH debits last year, down from 27% in 2012; 14% cited wire transfer fraud or attempted fraud, up from 11%; and 9% ACH credit fraud or attempted fraud, up from 8%.

Four-fifths of the actual and attempted payment frauds last year were perpetrated by people outside the company, with just 11% of frauds the responsibility of company employees and 8% the responsibility of third parties or outsourcers.