Skip to content

Our Privacy Statement & Cookie Policy

All Thomson Reuters websites use cookies to improve your online experience. They were placed on your computer when you launched this website. You can change your cookie settings through your browser.

Fraud

3 Simple tips to resist cyber threats and prevent fraud

Debra Casey  Executive Editor / Thomson Reuters

Debra Casey  Executive Editor / Thomson Reuters

In late 2018, the SEC issued an investigative report on cyber threats to be considered in implementing internal accounting controls. The issue came to its attention as the result of 9 public companies losing over $1 million each in two different types of schemes; one wired $45 million to an incorrect account (in case you thought the $1 million was immaterial).

The total losses were estimated at over $100 million, and most of it was not recovered. In that same report, the FBI is quoted as indicating fraud losses related to business email compromises totaled over $5 billion since 2013. The two primary email schemes involved in the losses examined by the SEC were those where fraudsters emailed companies pretending to be either vendors or company executives and had funds diverted from appropriate accounts to ones controlled by the fraudsters. These types of cyber threats are not uncommon.

Large and small entities

Perhaps you’re thinking this could only happen at a large company with lots of employees where people don’t see each other often, call to verify transfers of funds, or talk to one another. That is not the case! Fraud can happen anywhere and in any size organization – and usually begins with some kind of cyber threat. With email and online interactions, it’s easy for fraudsters to pose as others. In the last month, two different school districts in two different states have been defrauded of over $5 million earmarked for construction and renovation of schools. This happened when employees of the school districts were convinced by emails from the fraudsters that the vendor’s bank account numbers had changed.

Simple things to prevent fraud

Employees are both the biggest risk and a vital part of protecting an organization from fraud. Let’s look at a few simple things that any employee in any size organization can do to help prevent fraud losses.

  1. Be aware of organizational information security policies.
  2. Read. Look at the address the email is coming from, the spelling and grammar within it, and keep current on trends in cybersecurity breaches through education, so you know what to look for.
  3. Trust, but verify. Ask questions, particularly if it’s an unusual request, outside normal procedures, or coming from a source you don’t usually interact with. Make that phone call, consult with others if the request is out of the norm.

How we can help

All of the above are simple things to do, and yet somehow 30 different people at one organization were convinced to wire funds multiple times to a bank account that was not the vendor’s. While there are sophisticated techniques and electronic controls to help catch fraudsters, many techniques can be found in simple controls as well. You can thwart cyber threats and prevent fraud with ongoing training, diligence and vigilance.

 

Move forward: CPE, training and tools to keep you and your team up to date

Checkpoint Learning helps you stay informed in an industry full of change and opportunity. Check out these relevant courses:

  • Managing the Risk of Cyber Threats and Safeguarding of Client Data (CLSYBR)
  • Cyber Security to Protect Your Company and Your Clients (CLCYBR)
  • Fraud 101- A Basic Prevention Guide for Small Businesses (CPPREV)
  • Who Commits Fraud and Why? (CLFRA1 )
  • Computer Fraud Detection and Deterrence (CLCFRB)
  • A Best Practice Electronic Payment Fraud Avoidance Program(CLBFA)

…and others addressing fraud detection, cyber threats and prevention.

Start learning now.

 

More answers