Cyber Fraud: Common Schemes & How to Protect Your Business

April 13, 2017 Chris Doxey

The presence of technology in our everyday life for both business and personal use has caused the frequency of cyber fraud attempts to rise and is a significant threat as noted by the Department of Justice (DOJ). In fact, the DOJ states that “Cybercrime is one of the greatest threats facing our country, and has enormous implications for our national security, economic prosperity, and public safety.”

Cybercrime is an intended act in which one uses a computer or another technology to perpetrate a fraud intentionally. The crime includes the following three elements:

  1. Tools and technology
  2. A methodology for executing the criminal plan
  3. An attempt or the crime itself

Chris Doxey featured AP expert on protecting your company from cyber fraud

What are the types of cyber fraud?

According to the American Institute of CPAs (AICPA), the top five cyber crimes that can impact corporations are:

  1. Tax-refund fraud
  2. Corporate account takeover
  3. Identity theft
  4. Theft of sensitive data
  5. Theft of intellectual property

Other types of cybercrime that you and your company should be aware of are included in the list of items below. Since the list of items is always increasing, we suggest that your company provides frequent security training reinforced by security and data protection policies.

  • Email compromise
  • Investment fraud
  • Credit card and P-card fraud
  • Internet banking fraud
  • Mobile banking fraud
  • Phishing
  • Mule recruitment
  • Shopping and auction site fraud
  • Supplier scams
  • Spam
  • Identity theft
  • Malware attack using ransomware

Protecting your company

  1. Use anti-spam and anti-phishing features of email applications, operating systems, and web browsers.
  2. Don’t open a suspicious message or attachment from a known or unknown source. Fraudsters may appear to send emails from someone that you know. They may also send what appears to be a legitimate attachment such as an invoice file, financial document, medical claim, or professional presentation.
  3. Don’t share confidential business or personal information in a public place.
  4. Be on the lookout for the latest scam suppliers. This information can be found by doing some research with the Better Business Bureau or researching “scam” suppliers that you may be concerned about. Fraudulent suppliers may submit phony invoices to your company for goods or services never provided if they know that internal controls need some improvement.

Protecting your data: The challenge of mobile devices

Information about your company’s security policies should also be refreshed with the latest examples of cybercrime with applicable case studies. Unfortunately, cybercriminals become more creative and savvy in their attempts to commit cyber fraud as cloud technology becomes more ubiquitous.

Many companies have established secure portals to protect their critical data when employees access email or other applications from a mobile device. Devices without effective security tools are susceptible to malicious code and attempts to break into your company's critical data.

The awareness of cybercrime and how it can impact your company is the first step in fraud prevention. Updating your security policies and providing training is the second step. Lastly, ensuring that your employees understand the types of cybercrime with case studies enforce the understanding of the real damage.

About the Author

Chris Doxey

Chris Doxey, CAPP, CCSA, CICA is an independent management consultant providing Internal Controls and Business Process Best Practice Solutions. She has extensive experience in procurement, accounts payable, internal auditing, internal controls, Sarbanes-Oxley compliance, payroll, logistics, financial systems strategy, and financial integration at Digital, Compaq, Hewlett Packard, MCI, APEX Analytix, and Business Strategy, Inc. She was recruited to assist MCI (formally WorldCom) recover from their internal control challenges. She has a bachelor's degree in English, a bachelor's in accounting, a master's in business administration, and a graduate certificate in project management. Chris has written numerous articles and published two handbooks: AP Leadership Skills and Implementing a Controls Self Assessment Program for Your Accounts Payable Department.

Follow on Linkedin Visit Website More Content by Chris Doxey
Previous Article
Developing Effective Anti-Money Laundering Internal Controls
Developing Effective Anti-Money Laundering Internal Controls

From real estate to retailer, money laundering affects many industries. Instead of allocating an ever-growi...

Next Article
What’s New in Compliance in 2017?
What’s New in Compliance in 2017?

The FCPA continues to take strides in stamping out corrupt business practices through compliance requiremen...


AP & Finance Professionals:
Sign up for
our weekly newsletter

First Name
Last Name
Thank you for subscribing!
Error - something went wrong!