Tag Archives: cybercrime

cybercrime

Technology, preparation can help prevent fraud

Jason Mabee is vice president of treasury management for UMB Bank in Arizona.

Jason Mabee is vice president of treasury management for UMB Bank in Arizona.

Fraud can come in many forms, from counterfeit checks to stolen credit cards and trusted employees to savvy hackers. For businesses, fraudulent activity is always bad news. According to the Association for Financial Professionals’ (AFP) 2015 survey, 62 percent of companies were targets of payments fraud in 2014 with financial losses that ranged anywhere from a relatively small amount to millions of dollars.

The good news for businesses is that there are numerous measures out there that can help prevent and detect fraudulent activity. In addition, advanced technology is being developed and deployed now that will help companies better protect their operations and their bottom line.

The Many Forms of Fraud

According to the AFP, the most common form of fraud businesses encounter is through checks, corporate credit/debit cards and wire transfers. Paper checks continue to be the payment type most vulnerable to fraudulent attacks and account for the largest dollar amount of financial loss, even though their use continues to decline. Credit and debit cards are the second most popular form of business fraud, although they experienced a decline in fraudulent activity, down from 43 percent in 2013 to 34 percent in 2014.  And lastly, wire fraud incidents almost doubled from 14 percent in 2013 to 27 percent last year.

The newest form of fraud is cyberfraud in which criminals create an email account for corporate executives or vendors and send emails with payment instructions to employees in the accounting department. Employees who are unaware of the fake or altered email account will follow the instructions and make payment.

Be Prepared

While it may seem daunting, businesses can take steps to protect against fraudulent activity. Positive Pay is one example of how companies can get ahead of the game. Positive Pay is an automated fraud detection tool offered by most banks. Here is how it works: Companies cut checks every month and send the bank a list of all those checks, including check numbers, amounts and payees. As checks clear against the account, the bank makes sure the checks match up, eliminating any fraudulent or altered checks.

To protect against internal fraud, business owners should implement dual control and separation of duties. Understand who is in charge of what responsibilities on the financial side and make sure there are no gaps. Implement dual control over the businesses banking transactions, meaning the same person who is running payables should not be the same person who is reconciling accounts. Also, business owners should review financial statements on a weekly or monthly basis. 

To mitigate compromise in these areas, businesses should review all areas of their operation and put the proper preventions in place to protect against fraud. For instance, businesses should ensure their employees have the proper education and training for fraud detection. They should install, maintain and update spam filters, anti-virus software and firewalls. Reducing check writing, outsourcing payroll and having dual controls are additional tips that can help prevent fraudulent activity.

New Technology on the Way

In addition to being prepared, businesses will soon be able to rely on new technology to help protect against fraud. The latest and most anticipated technology is EMV (Europay, MasterCard and Visa) chip cards, which will have a major impact on lessening credit and debit card fraud. So much so that 92 percent of financial professionals believe EMV technology will be effective in reducing fraud at the point-of-sale.

Traditional magnetic stripe cards require a signature for security purposes, whereas the new chip cards will add an additional layer of sophisticated fraud protection through an embedded microchip that turns the cardholder’s information into a unique code that is difficult to duplicate or copy when used at a chip-enabled terminal.

Merchants and retailers are currently in the process of investing in new card reading technology that will accept EMV chip cards. If they do not update their technology, they could potentially be liable for fraudulent transactions and not the user or card issuer. Visa intends to institute a liability shift in the U.S. for domestic and cross-border counterfeit transactions effective Oct. 1, 2015. This shift will encourage Visa issuing banks to begin issuing EMV chip cards and merchants to begin deploying card swipe technology that can process the chip-on-chip transaction.

While new technology and preventative measures can help businesses protect against fraud, the truth is that it will always exist in one form or another. What businesses can do is educate their employees, make sure they are using the most up-to-date technology and work with their financial partners to ensure the best practices and protective measures are in place.

Jason Mabee is vice president of treasury management for UMB Bank in Arizona. He can be reached at Jason.Mabee@umb.com.

cybercrime

U. of Phoenix offers Cybersecurity Scholarships

University of Phoenix, a subsidiary of Apollo Education Group, Inc., and the (ISC)2® Foundation, today announced they are offering nine full-tuition scholarships. (ISC)2 Foundation is the non-profit charitable trust for (ISC)² that aims to empower students, teachers and the general public to secure their online lives with community cyber security education and awareness. The scholarships will provide education opportunities for individuals interested in entering or furthering their information security careers.

Each scholarship recipient will have the opportunity to complete an undergraduate or master’s degree program at University of Phoenix and will receive a voucher from (ISC)² to take either the SSCP® or CISSP® certification exam within one year of graduation.

(ISC)² and University of Phoenix are both working to advance the skills of information technology and security professionals to address the growing skills gaps in these fields. The collaboration will also be reflected in curriculum that meets the needs of today’s information security economy.

The (ISC)² sixth annual Global Information Security Workforce Study (GISWS) revealed that the lack of skilled and qualified information security professionals is negatively affecting both companies and consumers and causing a global economic ripple effect. In fact, more than half (56 percent) of survey respondents indicated that the staffing shortage is significantly impacting their organizations. Security concerns indicated by respondents included brand damage, breaches of laws and regulations, service downtime, customer privacy violations, and customer identity and corporate intellectual property theft.

“Educating cybersecurity professionals should be one of the top global priorities,” said Julie Peeler, director, (ISC)2 Foundation. “The profound staffing and skills shortages in this industry put organizations’ reputations and customer data at risk. We are proud to collaborate with University of Phoenix to offer these scholarships and provide learning and career opportunities to the next generation of information security professionals.”

“University of Phoenix is committed to providing degree programs and curriculum that reflect real industry needs,” said Dr. Tim Welsh, senior vice president for Industry Strategy at Apollo Education Group. “There is a clear demand for information security professionals and the University is pleased to collaborate with (ISC)², a globally renowned leader in the information security field, to directly align our education programs with industry staffing needs.”

Applications for the University of Phoenix/(ISC)² Cybersecurity Scholarships are currently being accepted. The deadline to apply is June 3, 2014. Each scholarship recipient will have the opportunity to complete an undergraduate or master’s degree program at University of Phoenix and can choose to attend a local University of Phoenix campus or online. (ISC)² will also provide recipients with a voucher to take either the SSCP or CISSP certification exam within one year of graduation. The exam voucher will be provided to the awarded recipients upon proof of graduation in an area of study with an emphasis on cybersecurity and/or information assurance. For scholarship terms and conditions or to learn more about the scholarship, visit www.phoenix.edu/isc2scholar.

To learn more about University of Phoenix efforts to better equip the workforce through innovative corporate alliances, learning tools and educational programs, visit phoenix.edu/industry.