With the uptick of online hacking and financial fraud schemes, owners and officers of business must be vigilant in establishing security mechanisms to avoid losses. In the last six months we've had cases where someone pretended to be from the IRS with a grand jury subpoena if $10,000 fine was not wired same day, supervisors emails were hacked directing accounting to wire funds, callers posed as the DEA investigating a business shipment and demanding payment, a new customer posed as a local business and mailed in money then requested a refund by wire before the check bounced and more! We even had someone try and order a dozen IPhones on the firm's Verizon account.
- Work with your financial institution. Ensure that you have “opted in” to security measures offered by your bank or other financial account institution.
- Establish a system. If you have one person controlling your accounting and financial accounts, it is time for a change. Institute a dual monitoring system whereby your staff member can initiate a transaction, but you must formally approve disbursement of funds.
- Create procedures. Every business should have procedures for in-house accounting and banking transactions. A thorough audit of the procedures and transactions must be made on a regular basis. Ensure you have the appropriate malware and security systems on your server and each computer. Sophisticated hackers are able to duplicate e-mail accounts and text messages. Consider instituting a phone call-back procedure to ensure all disbursements to non-recurring accounts and vendors are legitimate. Be wary of “urgent” messages and “links” e-mailed from business claiming to be your “bank” or your “service provider”. This is a common way for hackers to quietly gain access to your computer, and ultimately your account information.
- Train accounting employees. What are the accepted forms of communication for your business? What are your regularly recurring bills? What are your transaction procedures? What are the consequences for an employee failing to abide by those procedures? Consider implementing fraud training on an annual basis.
Being proactive is essential to getting out ahead of hackers. Contact a Goosmann Law attorney for more information about protecting your business from e-fraud at info@goosmannlaw.com or the e-alert author at baileyb@goosmannlaw.com