accounting academy weekly ledger accounting academy weekly ledger

Cyber Fraud: Common Schemes & How to Protect Your Business

Chris Doxey

The presence of technology in our everyday life for both business and personal use has caused the frequency of cyber fraud attempts to rise and is a significant threat as noted by the Department of Justice (DOJ). In fact, the DOJ states that “Cybercrime is one of the greatest threats facing our country, and has enormous implications for our national security, economic prosperity, and public safety.”

Cybercrime is an intended act in which one uses a computer or another technology to perpetrate a fraud intentionally. The crime includes the following three elements:

  1. Tools and technology
  2. A methodology for executing the criminal plan
  3. An attempt or the crime itself

What are the types of cyber fraud?

According to the American Institute of CPAs (AICPA), the top five cyber crimes that can impact corporations are:

  1. Tax-refund fraud
  2. Corporate account takeover
  3. Identity theft
  4. Theft of sensitive data
  5. Theft of intellectual property

Other types of cybercrime that you and your company should be aware of are included in the list of items below. Since the list of items is always increasing, we suggest that your company provides frequent security training reinforced by security and data protection policies.

  • Email compromise
  • Investment fraud
  • Credit card and P-card fraud
  • Internet banking fraud
  • Mobile banking fraud
  • Phishing
  • Mule recruitment
  • Shopping and auction site fraud
  • Supplier scams
  • Spam
  • Identity theft
  • Malware attack using ransomware

Protecting your company

  1. Use anti-spam and anti-phishing features of email applications, operating systems, and web browsers.
  2. Don’t open a suspicious message or attachment from a known or unknown source. Fraudsters may appear to send emails from someone that you know. They may also send what appears to be a legitimate attachment such as an invoice file, financial document, medical claim, or professional presentation.
  3. Don’t share confidential business or personal information in a public place.
  4. Be on the lookout for the latest scam suppliers. This information can be found by doing some research with the Better Business Bureau or researching “scam” suppliers that you may be concerned about. Fraudulent suppliers may submit phony invoices to your company for goods or services never provided if they know that internal controls need some improvement.

Protecting your data: The challenge of mobile devices

Information about your company’s security policies should also be refreshed with the latest examples of cybercrime with applicable case studies. Unfortunately, cybercriminals become more creative and savvy in their attempts to commit cyber fraud as cloud technology becomes more ubiquitous.

Many companies have established secure portals to protect their critical data when employees access email or other applications from a mobile device. Devices without effective security tools are susceptible to malicious code and attempts to break into your company's critical data.

The awareness of cybercrime and how it can impact your company is the first step in fraud prevention. Updating your security policies and providing training is the second step. Lastly, ensuring that your employees understand the types of cybercrime with case studies enforce the understanding of the real damage.

 

Read more from Chris Doxey

New Compliance 2017