Information Security – Payment Fraud
Risks and Simple Protections
Agenda
• Introduction
• Common Scams and Frauds
• 7 Tips to Protect Yourself & Your Organization
• Quiz
• Questions
Introduction
• Financial scams and fraud are rampant in the United States (and worldwide).
• According to the Federal Trade Commission (primarily consumer-focused):
  • More than 3,000,000 complaints/reports were filed in 2016.
  • For the 1st time, “imposter” scams surpassed identity theft in the number of complaints.
  • Out of the 1.3 million fraud reports the FTC received in 2016, people reported paying $744 million to scammers – with a median payment of $450.
• Most business-related financial scams and/or fraud are not reported.
2017 Association for Financial Professionals (AFP) Payments Fraud and Control Survey
• 74% of organizations were victims of payment fraud in 2016 (the largest share on record) – this “suggests that fraudsters are continuing to succeed in their attempts to attack organizations’ payment systems.”
• Size matters. Larger companies (based on revenue) with more accounts are more likely to have been subject to fraud (see graphic).
• Checks continue to be the payment method most often targeted. 75% of organizations were victims of fraud attempts/attacks (increase from 71% in 2016).
• Wire transfers were the 2nd most-often targeted payment method; 46% reported this type of fraud.
• Wire transfer fraud by year:
  • 2016 – 46%
  • 2015 – 48%
  • 2014 – 27%
  • 2013 – 14%
• Finance professionals are increasingly dealing with business email compromise (BEC) scams; the main target of BEC scams is wire transfers.
• The rise in wire fraud appears to coincide directly with the rise in BEC scams.
• Fraud via corporate/commercial credit cards accounted for the 3rd largest share of fraud – 32%.
• ACH debits accounted for the 4th largest share – 30%.
• ACH credits accounted for the 5th largest share – 11%.
Other interesting information (slides 8 to 12 of the deck are survey graphics that are not reproduced in this text)
Business Email Compromise (BEC)
• Since 2014, there has been a sharp uptick in BEC scams.
• “The scam is carried out by compromising legitimate business email accounts through social engineering or computer intrusion techniques to conduct unauthorized transfers of funds.” – 2016 FBI alert
• The FBI alert also indicates that BEC scams are increasing, evolving, and targeting businesses regardless of size or geographic location (all 50 states and 79 countries).
• Losses have increased exponentially since January 2015.
• 74% of finance professionals report that their organizations were victims of BEC in 2016.
• The most common method of fraud through BEC is via wire transfers (60%).
• 81% of organizations have either implemented or are in the process of implementing controls
to guard against BEC.
• 12% of organizations are considering controls implementation.
ACH Fraud
• 80% of organizations report that the number of ACH fraud attempts is unchanged from 2015 to 2016; 13% report a rise, and 7% report a decrease.
• 16% of larger organizations reported financial losses because of ACH fraud.
• Primary reasons cited for ACH fraud include:
  • ACH return not timely (33%)
  • Gaps in online security controls/criminal account takeover (29%)
  • Did not use ACH debit locks or ACH credit filters (24%)
7 Tips to Protect Yourself & Your Organization
#1 Three Cs (for protecting against Business Email Compromise or “BEC”)
1. Compare email addresses; pay special attention to deceptive characters, incorrect punctuation, and misspellings.
  • kwill@truecompany.com vs. kvvill@truecompany.com
  • darcy@truecompany.com vs. darcy@true.company.com
  • darcy@truecompany.com vs. darcy@truecomany.com
2. Check the language; watch for misspelled words, misused grammar, and unusual language.
  "I need this done today but I'm at the doctor's office. You can reach me through email."
3. Call to confirm; emailing the client to confirm their request is futile if you are already communicating with a suspect. *Don’t use a phone number from the suspicious email correspondence. Obtain the client’s phone number from a verified source.
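One way to automate the first C, as an added example that is not part of the FRSecure deck: given the address a message claims to come from and the address on file for that contact, the function reports why they differ, covering the three patterns on the slide (lookalike characters, a dot inserted into the domain, a one-letter domain misspelling). The lookalike table and the two-edit threshold are assumptions; extend them for the domains you actually deal with.

```python
"""Sender-address comparison for the "Compare email addresses" step of the Three Cs.

Added example, not code from the FRSecure deck. Any mismatch is treated as suspicious;
the reason string tells the reviewer what to look at before picking up the phone
(the third C). The lookalike table below is an assumption, not an exhaustive list."""
from dataclasses import dataclass

# (canonical, lookalike) pairs: the lookalike sequence is folded into the canonical
# form before comparing, so "kvvill" and "kwill" compare equal.
LOOKALIKES = [("w", "vv"), ("m", "rn"), ("d", "cl"), ("l", "1"), ("o", "0")]


def fold(text: str) -> str:
    """Lower-case the text and replace each lookalike sequence with its canonical form."""
    text = text.lower()
    for canonical, lookalike in LOOKALIKES:
        text = text.replace(lookalike, canonical)
    return text


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance: the number of single-character edits turning a into b."""
    previous = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        current = [i]
        for j, cb in enumerate(b, 1):
            current.append(min(previous[j] + 1,                 # delete ca
                               current[j - 1] + 1,              # insert cb
                               previous[j - 1] + (ca != cb)))   # substitute
        previous = current
    return previous[-1]


@dataclass(frozen=True)
class Verdict:
    suspicious: bool
    reason: str


def check_sender(claimed: str, on_file: str, max_edits: int = 2) -> Verdict:
    """Compare the address a message claims to come from with the one on file.

    Checks run from most specific to least specific and the first match wins."""
    claimed = claimed.strip().lower()
    on_file = on_file.strip().lower()
    if claimed.count("@") != 1 or on_file.count("@") != 1:
        return Verdict(True, "malformed address")
    claimed_local, claimed_domain = claimed.split("@")
    on_file_local, on_file_domain = on_file.split("@")

    if claimed == on_file:
        return Verdict(False, "exact match with the address on file")
    if fold(claimed) == fold(on_file):
        return Verdict(True, "differs only by lookalike characters")
    if claimed_domain != on_file_domain:
        if claimed_domain.replace(".", "") == on_file_domain.replace(".", ""):
            return Verdict(True, "domain differs only in dot placement")
        if on_file_domain in claimed_domain:
            return Verdict(True, "domain on file is embedded in a longer domain")
        edits = edit_distance(fold(claimed_domain), fold(on_file_domain))
        if edits <= max_edits:
            return Verdict(True, f"domain is {edits} edit(s) away from the domain on file")
        return Verdict(True, "domain does not match the domain on file")
    # Same domain, so the only remaining difference is the mailbox name.
    return Verdict(True, "same domain, different mailbox")


if __name__ == "__main__":
    # The three pairs from the slide, plus an exact match for contrast.
    for claimed, on_file in [("kvvill@truecompany.com", "kwill@truecompany.com"),
                             ("darcy@true.company.com", "darcy@truecompany.com"),
                             ("darcy@truecomany.com", "darcy@truecompany.com"),
                             ("kwill@truecompany.com", "kwill@truecompany.com")]:
        print(f"{claimed:28} -> {check_sender(claimed, on_file)}")
```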
#2 Use a Dedicated Computer for Banking
1. The “banking” computer should be used for no other purpose; no checking email, no Internet browsing, etc.
2. Ask IT to restrict the “banking” computer’s network connections to only those systems that are required for operation.
3. Ask IT to “harden” the “banking” computer; this means disabling unnecessary services, restricting privileged access, regular password changes, etc.
4. Consider using a non-Windows system for the “banking” computer.
The American Bankers Association (ABA) first made this recommendation in 2010, and it is still valid today.
#3 Be Wary of Communications You Don’t Initiate
1. Never give sensitive information to a caller who called you; sensitive information should only be given on calls that you made using known phone numbers.
2. Never give access (to your computer, to your email, to an application, etc.) to a caller who called you.
3. Validate emails that ask for financial transactions or access to something sensitive. Validate by calling (see Tip #2).
#4 Employ Dual Control
1. Consider dual control on all financial transactions (or on transactions that exceed certain dollar amounts).
2. Consider dual control on all changes to payment accounts (i.e., where the money goes).
3. Consider dual control on all payment account setups.
4. Consider where other sensitive (or critical) processes may require dual control.
Dual control does not only apply to financial transactions; it can also be used for other critical processes. Traditionally, dual control is a system where two people have to sign a check, validate a transaction, hold keys to a safe, etc.
#6 Monitor and Balance Financial Accounts Daily
Daily monitoring will not stop fraud and will not identify all fraud; however, it will help identify
signs of fraud. If regular payments are made to certain vendors or customers, use trends in
payment history over long periods of time (if feasible).
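A daily review that applies both Tip #4 and Tip #6, as an added example that is not part of the FRSecure deck: each payment in the day's batch is compared with that vendor's history, and a never-before-seen destination account or an amount far outside the vendor's usual range is flagged for a second approver. The vendors, account identifiers and amounts are constructed sample data, and the median-plus-MAD threshold is a heuristic chosen here.

```python
"""Daily payment review against each vendor's payment history.

Added example, not code from the FRSecure deck. Two signals are checked for every
payment in the batch: a destination account the vendor has never been paid at before
(Tip #4: changes to where money goes need dual control) and an amount far from the
vendor's historical median (Tip #6: use trends in payment history). All data is constructed."""
from collections import defaultdict
from dataclasses import dataclass
from statistics import median


@dataclass(frozen=True)
class Payment:
    day: str
    vendor: str
    account: str    # destination account identifier (constructed)
    amount: float


@dataclass(frozen=True)
class Flag:
    payment: Payment
    reason: str


# Constructed history: two vendors with stable payment patterns.
HISTORY = [
    Payment("2017-01-05", "Acme Supply", "ACCT-1001", 3950.00),
    Payment("2017-02-05", "Acme Supply", "ACCT-1001", 4100.00),
    Payment("2017-03-05", "Acme Supply", "ACCT-1001", 4020.00),
    Payment("2017-04-05", "Acme Supply", "ACCT-1001", 3980.00),
    Payment("2017-01-20", "Beta Logistics", "ACCT-2002", 12500.00),
    Payment("2017-02-20", "Beta Logistics", "ACCT-2002", 12500.00),
    Payment("2017-03-20", "Beta Logistics", "ACCT-2002", 12500.00),
]

# Constructed batch for today's review: one routine payment and three that should be held.
TODAYS_BATCH = [
    Payment("2017-05-05", "Acme Supply", "ACCT-1001", 4050.00),
    Payment("2017-05-05", "Acme Supply", "ACCT-9999", 4000.00),      # account changed
    Payment("2017-05-05", "Beta Logistics", "ACCT-2002", 48000.00),  # amount jumped
    Payment("2017-05-05", "Gamma Consulting", "ACCT-3003", 900.00),  # never paid before
]


def review(history, batch, min_history=3, mad_multiplier=5.0, mad_floor=0.05):
    """Return a Flag for every payment in the batch that deserves a second approver.

    The amount check needs at least min_history prior payments. The spread is the
    median absolute deviation (MAD) with a floor of mad_floor * median, so a perfectly
    flat history does not flag every cent of change."""
    by_vendor = defaultdict(list)
    for p in history:
        by_vendor[p.vendor].append(p)
    flags = []
    for p in batch:
        prior = by_vendor[p.vendor]
        if not prior:
            flags.append(Flag(p, "first payment to this vendor"))
        else:
            known = {q.account for q in prior}
            if p.account not in known:
                flags.append(Flag(p, f"new destination account {p.account}, "
                                     f"previously paid at {sorted(known)}"))
            if len(prior) >= min_history:
                amounts = [q.amount for q in prior]
                med = median(amounts)
                mad = max(median(abs(a - med) for a in amounts), mad_floor * med)
                if abs(p.amount - med) > mad_multiplier * mad:
                    flags.append(Flag(p, f"amount {p.amount:.2f} is far from the usual {med:.2f}"))
        by_vendor[p.vendor].append(p)  # today's payment is tomorrow's history
    return flags


if __name__ == "__main__":
    for flag in review(HISTORY, TODAYS_BATCH):
        p = flag.payment
        print(f"HOLD {p.day} {p.vendor:17} {p.account} {p.amount:>10.2f}: {flag.reason}")
```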
#7 Conduct Employee Background Checks
Background checks should be conducted on all personnel; however, this is especially important
for personnel working with financial systems. Background checks should be conducted at time of
hire and periodically thereafter.
BONUS – Report Events & Incidents Immediately
Report any unusual activity to information security personnel immediately. Things that are out of the ordinary may be an indication of something more serious.
If you have fallen for a phishing attack or suspect that you may be a victim of an attack, report the event(s) to information security personnel immediately.
We should always operate with a heightened sense of awareness. Report events and incidents right away.
Quiz
1. The number of financial fraud victims is decreasing (True/False).
2. Most financial fraud happens because of a compromised mobile device (True/False).
3. When I visit the ATM to withdraw cash, I am using strong authentication (True/False).
4. The percentage of organizations experiencing wire transfer fraud has more than tripled since 2014 (True/False).
5. The three Cs will go a long way in protecting against Business Email Compromise (BEC) (True/False).
6. Actual financial loss resulting from financial fraud can exceed $2,000,000 for an organization (True/False).
7. ACH debit locks or ACH credit filters are controls that can help protect against financial fraud (True/False).
8. Using a dedicated computer for online financial transactions will reduce the risk of an online attack (True/False).
9. Financial fraud should be reported to the FBI immediately (True/False).
10. A heightened sense of awareness is often our best defense (True/False).
The contents of this presentation were written and/or compiled by FRSecure. For more information about FRSecure or how FRSecure helps hundreds of organizations with their information security challenges (fixing the broken industry), please visit https://frsecure.com.
Contact us with any/all questions, comments, or concerns.
Reference: 2017 Association for Financial Professionals (AFP) Payments Fraud and Control Survey – underwritten by J.P. Morgan; https://www.afponline.org/publications-data-tools/reports/survey-research-economic-data/Details/payments-fraud-2016
Church Building Grants To Assist With New Construction, Additions, And Restor...Americas Got Grants
 
Kenya Coconut Production Presentation by Dr. Lalith Perera
Kenya Coconut Production Presentation by Dr. Lalith PereraKenya Coconut Production Presentation by Dr. Lalith Perera
Kenya Coconut Production Presentation by Dr. Lalith Pereraictsugar
 
8447779800, Low rate Call girls in Saket Delhi NCR
8447779800, Low rate Call girls in Saket Delhi NCR8447779800, Low rate Call girls in Saket Delhi NCR
8447779800, Low rate Call girls in Saket Delhi NCRashishs7044
 

Dernier (20)

The-Ethical-issues-ghhhhhhhhjof-Byjus.pptx
The-Ethical-issues-ghhhhhhhhjof-Byjus.pptxThe-Ethical-issues-ghhhhhhhhjof-Byjus.pptx
The-Ethical-issues-ghhhhhhhhjof-Byjus.pptx
 
International Business Environments and Operations 16th Global Edition test b...
International Business Environments and Operations 16th Global Edition test b...International Business Environments and Operations 16th Global Edition test b...
International Business Environments and Operations 16th Global Edition test b...
 
Unlocking the Future: Explore Web 3.0 Workshop to Start Earning Today!
Unlocking the Future: Explore Web 3.0 Workshop to Start Earning Today!Unlocking the Future: Explore Web 3.0 Workshop to Start Earning Today!
Unlocking the Future: Explore Web 3.0 Workshop to Start Earning Today!
 
Darshan Hiranandani [News About Next CEO].pdf
Darshan Hiranandani [News About Next CEO].pdfDarshan Hiranandani [News About Next CEO].pdf
Darshan Hiranandani [News About Next CEO].pdf
 
Flow Your Strategy at Flight Levels Day 2024
Flow Your Strategy at Flight Levels Day 2024Flow Your Strategy at Flight Levels Day 2024
Flow Your Strategy at Flight Levels Day 2024
 
8447779800, Low rate Call girls in Tughlakabad Delhi NCR
8447779800, Low rate Call girls in Tughlakabad Delhi NCR8447779800, Low rate Call girls in Tughlakabad Delhi NCR
8447779800, Low rate Call girls in Tughlakabad Delhi NCR
 
Digital Transformation in the PLM domain - distrib.pdf
Digital Transformation in the PLM domain - distrib.pdfDigital Transformation in the PLM domain - distrib.pdf
Digital Transformation in the PLM domain - distrib.pdf
 
FULL ENJOY Call girls in Paharganj Delhi | 8377087607
FULL ENJOY Call girls in Paharganj Delhi | 8377087607FULL ENJOY Call girls in Paharganj Delhi | 8377087607
FULL ENJOY Call girls in Paharganj Delhi | 8377087607
 
Ten Organizational Design Models to align structure and operations to busines...
Ten Organizational Design Models to align structure and operations to busines...Ten Organizational Design Models to align structure and operations to busines...
Ten Organizational Design Models to align structure and operations to busines...
 
Call Us 📲8800102216📞 Call Girls In DLF City Gurgaon
Call Us 📲8800102216📞 Call Girls In DLF City GurgaonCall Us 📲8800102216📞 Call Girls In DLF City Gurgaon
Call Us 📲8800102216📞 Call Girls In DLF City Gurgaon
 
Innovation Conference 5th March 2024.pdf
Innovation Conference 5th March 2024.pdfInnovation Conference 5th March 2024.pdf
Innovation Conference 5th March 2024.pdf
 
Annual General Meeting Presentation Slides
Annual General Meeting Presentation SlidesAnnual General Meeting Presentation Slides
Annual General Meeting Presentation Slides
 
Memorándum de Entendimiento (MoU) entre Codelco y SQM
Memorándum de Entendimiento (MoU) entre Codelco y SQMMemorándum de Entendimiento (MoU) entre Codelco y SQM
Memorándum de Entendimiento (MoU) entre Codelco y SQM
 
Market Sizes Sample Report - 2024 Edition
Market Sizes Sample Report - 2024 EditionMarket Sizes Sample Report - 2024 Edition
Market Sizes Sample Report - 2024 Edition
 
Fordham -How effective decision-making is within the IT department - Analysis...
Fordham -How effective decision-making is within the IT department - Analysis...Fordham -How effective decision-making is within the IT department - Analysis...
Fordham -How effective decision-making is within the IT department - Analysis...
 
8447779800, Low rate Call girls in Kotla Mubarakpur Delhi NCR
8447779800, Low rate Call girls in Kotla Mubarakpur Delhi NCR8447779800, Low rate Call girls in Kotla Mubarakpur Delhi NCR
8447779800, Low rate Call girls in Kotla Mubarakpur Delhi NCR
 
Call Us ➥9319373153▻Call Girls In North Goa
Call Us ➥9319373153▻Call Girls In North GoaCall Us ➥9319373153▻Call Girls In North Goa
Call Us ➥9319373153▻Call Girls In North Goa
 
Church Building Grants To Assist With New Construction, Additions, And Restor...
Church Building Grants To Assist With New Construction, Additions, And Restor...Church Building Grants To Assist With New Construction, Additions, And Restor...
Church Building Grants To Assist With New Construction, Additions, And Restor...
 
Kenya Coconut Production Presentation by Dr. Lalith Perera
Kenya Coconut Production Presentation by Dr. Lalith PereraKenya Coconut Production Presentation by Dr. Lalith Perera
Kenya Coconut Production Presentation by Dr. Lalith Perera
 
8447779800, Low rate Call girls in Saket Delhi NCR
8447779800, Low rate Call girls in Saket Delhi NCR8447779800, Low rate Call girls in Saket Delhi NCR
8447779800, Low rate Call girls in Saket Delhi NCR
 

Simple Training for Information Security and Payment Fraud

8. 2017 Association for Financial Professionals (AFP) Payments Fraud and Control Survey
7
• The rise in wire fraud appears to coincide directly with the rise in BEC scams.
• Fraud via corporate/commercial credit cards accounted for the 3rd largest share of fraud – 32%
• ACH debits accounted for the 4th largest share – 30%
• ACH credits accounted for the 5th largest share – 11%

9. 2017 Association for Financial Professionals (AFP) Payments Fraud and Control Survey
8

10. 2017 Association for Financial Professionals (AFP) Payments Fraud and Control Survey
9
Other interesting information

11. 2017 Association for Financial Professionals (AFP) Payments Fraud and Control Survey
10
Other interesting information

12. 2017 Association for Financial Professionals (AFP) Payments Fraud and Control Survey
11
Other interesting information

13. 2017 Association for Financial Professionals (AFP) Payments Fraud and Control Survey
12
Other interesting information

14. Business Email Compromise (BEC)
13
• Since 2014, there has been a sharp uptick in BEC scams.
• “The scam is carried out by compromising legitimate business email accounts through social engineering or computer intrusion techniques to conduct unauthorized transfers of funds.” – 2016 FBI alert
• The FBI alert also indicates that BEC scams are increasing, evolving, and targeting businesses regardless of size or geographic location (all 50 states and 79 countries).
• Losses have increased exponentially since January, 2015.
• 74% of finance professionals report that their organizations were victims of BEC in 2016.

16. Business Email Compromise (BEC)
15
• The most common method of fraud through BEC is via wire transfers (60%).
• 81% of organizations have either implemented or are in the process of implementing controls to guard against BEC.
• 12% of organizations are considering controls implementation.

18. ACH Fraud
17
• 80% of organizations report that the number of ACH fraud attempts is unchanged from 2015 to 2016; 13% report a rise, and 7% report a decrease.
• 16% of larger organizations reported financial losses because of ACH fraud.
• Primary reasons cited for ACH fraud include:
• ACH return not timely (33%)
• Gaps in online security controls/criminal account takeover (29%)
• Did not use ACH debit locks or ACH credit filters (24%)
20. 7 Tips to Protect Yourself & Your Organization
19
#1 Three Cs (for protecting against Business Email Compromise or “BEC”)
1. Compare email addresses; pay special attention to deceptive characters, incorrect punctuation, and misspelling.
• kwill@truecompany.com vs. kvvill@truecompany.com
• darcy@truecompany.com vs. darcy@true.company.com
• darcy@truecompany.com vs. darcy@truecomany.com
2. Check the language; misspelled words, misused grammar, and unusual language. "I need this done today but I'm at the doctor's office. You can reach me through email."
3. Call to confirm; emailing the client to confirm their request is futile if you are already communicating with a suspect.
*Don’t use a phone number from suspicious email correspondence. Obtain the client’s phone number from a verified source.
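The first two Cs can be partly automated at the mail gateway or in a helpdesk tool. The following is an added example written for this page, not code from FRSecure or the AFP survey: it reuses the slide's three sample address pairs, but the allow-list of verified contacts, the confusable-character table, and the list of pressure phrases are constructed assumptions. The third C (a phone call to a number from a verified source) remains a human step; the code only tells you when that call is required.

```python
import unicodedata
from difflib import SequenceMatcher

# Constructed allow-list of verified contacts (assumption for this example;
# the slide's sample addresses are reused, the list itself is not from the deck).
KNOWN_CONTACTS = {"kwill@truecompany.com", "darcy@truecompany.com"}

# Character runs that read the same at a glance (constructed, not exhaustive).
CONFUSABLES = {"vv": "w", "rn": "m", "0": "o", "1": "l"}

# Phrases that create urgency or steer the recipient away from a phone call
# (constructed list, seeded from the slide's sample message).
PRESSURE_PHRASES = ("done today", "at the doctor", "reach me through email",
                    "can't take calls", "urgent")


def normalize(addr):
    """Fold accented/full-width letters to ASCII, lower-case, collapse confusables."""
    folded = unicodedata.normalize("NFKD", addr).encode("ascii", "ignore").decode().lower()
    for lookalike, real in CONFUSABLES.items():
        folded = folded.replace(lookalike, real)
    return folded


def check_sender(addr, known=KNOWN_CONTACTS, threshold=0.85):
    """First C: compare the sender against verified contacts.

    Returns (verdict, reason) with verdict 'known', 'lookalike' or 'unknown'.
    """
    addr = addr.strip().lower()
    if addr in known:
        return "known", "exact match with a verified contact"
    local, _, domain = addr.rpartition("@")
    for k in known:
        k_local, _, k_domain = k.rpartition("@")
        # kvvill@ vs kwill@: identical once confusables are collapsed
        if normalize(addr) == normalize(k):
            return "lookalike", f"confusable characters, resembles {k}"
        # true.company.com vs truecompany.com: same letters, dots moved
        if domain != k_domain and domain.replace(".", "") == k_domain.replace(".", ""):
            return "lookalike", f"dot inserted or moved in domain, resembles {k}"
        # truecomany.com vs truecompany.com: same person, near-miss spelling
        if local == k_local and SequenceMatcher(None, domain, k_domain).ratio() >= threshold:
            return "lookalike", f"near-miss domain spelling, resembles {k}"
    return "unknown", "no verified contact resembles this address; confirm by phone"


def language_flags(body):
    """Second C: return the pressure phrases present in the message body."""
    text = body.lower()
    return [p for p in PRESSURE_PHRASES if p in text]


def triage(addr, body):
    """Combine both checks; anything but a clean known sender needs the third C."""
    verdict, reason = check_sender(addr)
    flags = language_flags(body)
    return {
        "verdict": verdict,
        "reason": reason,
        "flags": flags,
        "call_to_confirm": verdict != "known" or bool(flags),
    }
```

Feed it the sender address and body of a payment or credential request; a `lookalike` verdict or a non-empty `flags` list means the request goes to a phone call against a number already on file, never one taken from the email.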
21. 7 Tips to Protect Yourself & Your Organization
20
#2 Use a Dedicated Computer for Banking
1. The “banking” computer should be used for no other purpose; no checking email, no Internet browsing, etc.
2. Ask IT to restrict the “banking” computer network connections to only those systems that are required for operation.
3. Ask IT to “harden” the “banking” computer; this means disabling unnecessary services, restricting privileged access, regular password changes, etc.
4. Consider using a non-Windows system for the “banking” computer. The American Bankers Association (ABA) first made this recommendation in 2010, and it is still valid today.
22. 7 Tips to Protect Yourself & Your Organization
21
#3 Be Wary of Communications You Don’t Initiate
1. Never give sensitive information to a caller who called you; sensitive information should only be given on calls that you made using known phone numbers.
2. Never give access (to your computer, to your email, to an application, etc.) to a caller who called you.
3. Validate emails that ask for financial transactions or access to something sensitive. Validate by calling (see Tip #2).
23. 7 Tips to Protect Yourself & Your Organization
22
#4 Employ Dual Control
1. Consider dual control on all financial transactions (or transactions that exceed certain dollar amounts).
2. Consider dual control on all changes to payment accounts; or where money goes.
3. Consider dual control on all payment account setups.
4. Consider where other sensitive (or critical) processes may require dual control.
Dual control does not only apply to financial transactions, it can also be used for other critical processes. Traditionally, dual control is a system where two people have to sign a check, or validate a transaction, or have keys to a safe, etc.
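Dual control is easy to state and easy to get wrong in software, usually because the same person is allowed to both request and approve, or to approve twice. The class below is an added example, not FRSecure's code: it implements the slide's four items as a small approval queue. The policy it encodes (payment account setups and changes always need two approvers; payments need two approvers only above a dollar limit, set here to a constructed $10,000) is an assumption chosen for illustration.

```python
class DualControlError(Exception):
    """Raised when an approval would break separation of duties."""


class PaymentDesk:
    """Queue of payment-related requests, executed only after enough distinct approvers sign off.

    Assumed policy (not from the deck): 'account_setup' and 'account_change' always
    need two approvers; a 'payment' needs two approvers above single_approver_limit.
    """

    KINDS = ("payment", "account_setup", "account_change")

    def __init__(self, single_approver_limit=10_000.0):
        self.limit = single_approver_limit   # constructed threshold
        self.requests = {}                   # req_id -> request record
        self.executed = []                   # req_ids in execution order

    def required_approvals(self, req):
        if req["kind"] in ("account_setup", "account_change"):
            return 2                         # "where money goes" always needs two people
        return 2 if req["amount"] > self.limit else 1

    def submit(self, req_id, kind, vendor, amount, requester):
        """Record a request. The requester is remembered so they cannot self-approve."""
        if kind not in self.KINDS:
            raise ValueError(f"unknown request kind {kind!r}")
        self.requests[req_id] = {
            "kind": kind, "vendor": vendor, "amount": float(amount),
            "requester": requester, "approvers": set(), "status": "pending",
        }
        return "pending"

    def approve(self, req_id, approver):
        """Add one approval; returns the new status ('pending' or 'executed')."""
        req = self.requests[req_id]
        if req["status"] == "executed":
            raise DualControlError("request already executed")
        if approver == req["requester"]:
            raise DualControlError("the requester cannot approve their own request")
        if approver in req["approvers"]:
            raise DualControlError("the same person cannot supply both approvals")
        req["approvers"].add(approver)
        if len(req["approvers"]) >= self.required_approvals(req):
            req["status"] = "executed"
            self.executed.append(req_id)
        return req["status"]
```

The two checks that reject a self-approval and a repeat approval are the whole point: without them a single compromised mailbox or account can satisfy "two approvals" on its own.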
24. 7 Tips to Protect Yourself & Your Organization
23
#6 Monitor and Balance Financial Accounts Daily
Daily monitoring will not stop fraud and will not identify all fraud; however, it will help identify signs of fraud. If regular payments are made to certain vendors or customers, use trends in payment history over long periods of time (if feasible).
#7 Conduct Employee Background Checks
Background checks should be conducted on all personnel; however, this is especially important for personnel working with financial systems. Background checks should be conducted at time of hire and periodically thereafter.
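"Use trends in payment history" can be made concrete with a small daily review that compares each outgoing payment to what the vendor normally receives and to the account it is normally paid into. This is an added example, not part of the FRSecure deck; the vendor names, amounts and account digits are constructed, and the three-standard-deviation limit and the minimum history of three payments are assumptions you would tune to your own ledger.

```python
from statistics import mean, stdev

# Constructed payment history: vendor -> list of (amount, last 4 digits of payee account).
# Example values for the demonstration only, not figures from the survey.
HISTORY = {
    "Acme Supplies": [(4980.00, "1234"), (5020.00, "1234"), (5010.00, "1234"),
                      (4995.00, "1234"), (5005.00, "1234")],
    "Northwind Logistics": [(12000.00, "7788"), (11800.00, "7788"), (12250.00, "7788")],
}


def review_payment(vendor, amount, account_last4, history=HISTORY, z_limit=3.0, min_history=3):
    """Return the reasons a payment deserves a second look (empty list = nothing unusual)."""
    flags = []
    past = history.get(vendor, [])
    if len(past) < min_history:
        # A brand-new or rarely paid vendor has no trend to compare against.
        flags.append("little or no payment history for this vendor; verify by phone before paying")
        return flags
    amounts = [a for a, _ in past]
    known_accounts = {acct for _, acct in past}
    # A changed payee account is the classic BEC signal, regardless of amount.
    if account_last4 not in known_accounts:
        flags.append(f"payee account changed: history shows {sorted(known_accounts)}, now {account_last4}")
    mu = mean(amounts)
    sigma = stdev(amounts) or max(abs(mu) * 0.01, 1.0)   # guard against a perfectly flat history
    z = (amount - mu) / sigma
    if abs(z) > z_limit:
        flags.append(f"amount {amount:.2f} is {z:.1f} standard deviations from the historical mean {mu:.2f}")
    return flags


def daily_review(batch, history=HISTORY):
    """Run the check over one day's outgoing payments; returns only the entries with flags."""
    findings = {}
    for ref, (vendor, amount, acct) in batch.items():
        flags = review_payment(vendor, amount, acct, history)
        if flags:
            findings[ref] = flags
    return findings
```

Run `daily_review` over the day's payment file before release; a flagged entry is not proof of fraud, only the sign the slide talks about, and it should route to the call-to-confirm and dual-control steps above.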
25. 7 Tips to Protect Yourself & Your Organization
24
BONUS – Report Events & Incidents Immediately
Report any unusual activity to information security personnel immediately. Things that are out of the ordinary may be an indication of something more serious. If you have fallen for a phishing attack or suspect that you may be a victim of an attack, report the event(s) to information security personnel immediately. We should always operate with a heightened sense of awareness. Report events and incidents right away.
26. Quiz
25
1. The number of financial fraud victims is decreasing (True/False).
2. Most financial fraud happens because of a compromised mobile device (True/False).
3. When I visit the ATM to withdraw cash, I am using strong authentication (True/False).
4. The percentage of organizations experiencing wire transfer fraud has more than tripled since 2014 (True/False).
5. The three Cs will go a long way in protecting against Business Email Compromise (BEC) (True/False).

27. Quiz
26
6. Actual financial loss resulting from financial fraud can exceed $2,000,000 for an organization (True/False).
7. ACH debit locks or ACH credit filters are controls that can help protect against financial fraud (True/False).
8. Using a dedicated computer for online financial transactions will reduce the risk of an online attack (True/False).
9. Financial fraud should be reported to the FBI immediately (True/False).
10. A heightened sense of awareness is often our best defense (True/False).
28. Information Security – Payment Risks and Simple Protections
27
The contents for this presentation were written and/or compiled by FRSecure. For more information about FRSecure or how FRSecure helps 100s of organizations with their information security challenges (fixing the broken industry), please visit https://frsecure.com. Contact us with any/all questions, comments, or concerns.
Reference: 2017 Association for Financial Professionals (AFP) Payments Fraud and Control Survey – underwritten by J.P. Morgan; https://www.afponline.org/publications-data-tools/reports/survey-research-economic-data/Details/payments-fraud-2016