Cyber Security And Computer Based Fraud

As part of my ongoing series about cyber security, here are a few explanations of some of the more common forms of computer based fraud that affect businesses.

Computer To Computer Systems Fraud

This is typically referred to as a "hack" and involves a third party gaining access and control of the computer of an individual or businesses. This access and control allows the fraudulent transfer of money or tangible property to an account or location not in the control of the owner. It also allows the "hacker' to steal important and/or confidential information.

Suggested preventative solution...

Use of a reputable tech company who do vulnerability testing, install proper intrusion detection and security systems, and do frequent software updates and system checks.

Funds Transfer Fraud

This type of fraud occurs when a third party steals the credentials of an individual or business, such as usernames, passwords and P.I.N., and then sends instructions to their bank or financial institution with instructions to divert or send funds to accounts belonging to the fraudsters.

Suggested preventative solution...

Adequate training of individuals and employees on the proper protocols involving the detection or recognition of phishing type e-mails and documents, with focus on never opening documents or clicking on links contained within unknown or suspicious e-mails.

Fraudulently Induced Transfers

Using "Social Engineering", fraudsters spend time researching individuals or businesses on readily available computer sources, such as websites, Facebook and other social media. With the information gleaned, the fraudsters impersonate legitimate vendors, clients or associates of the individual or business, often with official looking letterheads and invoices that are made appear representative of legitimate business dealings or projects. Often, this includes banking information changes that divert money to the fraudsters' own bank accounts.

Suggested preventative solution...

This is a very difficult fraud to protect against, as the fraudsters rely on information that is easily accessed through internet web searches and other platforms. the fraud relies on interacting with busy and stressed employees who do not take the time to question banking changes and other such business transactions in what appears at first glance to be legitimate documents. Again, having proper protocols in place and training employees on safe business practices is critical.

It took me 10 seconds to search and download this easily available invoice on the internet, which could be changed on a computer program and made to look like a legitimate document of an actual vendor or client of your business. In other words, be very careful and don't trust everything that comes across your desk.