Wire fraud and other schemes – a different kettle of phish

By Pete Miller, CPA, CFE

As I have chronicled many times, fraud is a dynamic and evolving issue for every business and industry. This Treasury & Risk.com article on mitigating risk from wire fraud serves as a nice vocabulary lesson on some of the innovative methods fraudsters are using to gain access to your system from the outside.

Occupational (internal) fraud should still be a major concern for all businesses. However, more and more external fraudsters are realizing that, if they increase their at-bats, they will inevitably get more hits. Gone are the days of believing that because you’re a small or medium-sized business you are not a target for cyber-attacks. Not only are you a target, but if you’ve underinvested in your IT infrastructure you can be an attractive target.

Countless articles on the internet have likely reminded you that attacks are occurring with alarming frequency. What do you need to worry about though, as it relates to your business and finances? The Treasury & Risk article speaks to some common schemes hackers use to get into your system. It also discusses how your company may be facilitating fraudulent activity and some methods of protection that are helpful.

You may have heard of phishing, and even spear phishing. But what about vishing and smishing? Have you heard of them? Have the people in charge of your finance and accounting functions heard of them? These kinds of attempted attacks are growing with frequency, and unless you make yourself familiar with them, one might slip passed your defenses.

The Treasury & Risk article fairly points out that there is no silver bullet for protecting your organization against these risks, and I agree. However, like other forms of fraud prevention, if you perform a risk assessment for your organization and educate your employees about these risks (both internal fraud and external attacks), you will have a leg up on the fraudsters.

The reason small businesses are being targeted more by attackers is because they are undefended and vulnerable. If you take some of the simple steps mentioned in the article, you can move your organization out of reach of the “low hanging fruit” these attackers are looking for and provide some protection against them.

© Clark Nuber PS and Focus on Fraud, 2015. Unauthorized use and/or duplication of this material without express and written permission from this blog’s author and/or owner is strictly prohibited. Excerpts and links may be used, provided that full and clear credit is given to Clark Nuber PS and Focus on Fraud with appropriate and specific direction to the original content.

This article or blog contains general information only and should not be construed as accounting, business, financial, investment, legal, tax, or other professional advice or services. Before making any decision or taking any action, you should engage a qualified professional advisor.