Keeping Password "Spraying" from Compromising your Network

Cybercriminals are always looking for novel ways to gain unauthorized access to online accounts and IT networks. Password “spraying” is a newer scheme you and your IT department need to know about and guard against. Traditional cyberattacks attempt to breach a single account with multiple password attempts. But password spraying schemes use common passwords to try to access as many accounts as possible. Unfortunately, this approach can be very effective. How and why it works Password spraying perpetrators buy lists of usernames or email addresses and either buy or invent lists of common passwords. They then attempt to access multiple accounts using a single password. If that password doesn’t work, the criminals select a new password and keep trying until, eventually, a password opens an account. That...

Help Prevent Fraud in Your Family Business

Statistics on fraud rates in family-run businesses are scant. This is probably because most family enterprises keep incidents of financial malfeasance under wraps and don’t involve law enforcement or the courts. Because punishing offenders is critical to preventing future fraud, such secrecy can encourage schemes and raise the risk of large financial losses. So although your family business may be different from those run by unrelated individuals, it needs just as many internal controls to prevent bad behavior. Antifraud policies are critical Fraud prevention efforts in family businesses often are hampered by loyalty and affection. One of the biggest potential obstacles is failing to acknowledge that someone in the family could be capable of initiating or overlooking illegal activities. If there’s a black sheep in your flock,...

Why You Should Exercise Caution When Investing in Crypto.

Driven by an increased interest in cryptocurrency, little regulatory oversight and the constant introduction of new coins, cryptocurrency fraud could reach unprecedented levels in 2025. Fraud perpetrators no longer need to rely only on phishing attacks or counterfeit coins — they’re now using artificial intelligence to scam crypto investors. Unfortunately, many law enforcement agencies don’t have the resources to keep up with the latest fraud schemes. it’s up to crypto investors to be on the lookout for potential fraud. AI enters the equation The first crypto scams involved Ponzi schemes and rug pulls, where promoters abandoned coins they introduced and disappeared with investors’ funds. Now, AI-powered frauds involving deepfake influencers have become almost run-of-the-mill. For example, “pig butchering,” where criminals build long-term relationships with their victims to...

Do Your Salespeople Come By Their Commissions Honestly?

Preventing financial losses from occupational fraud requires your company to remain vigilant. In a nutshell: Trust employees, but routinely verify they aren’t stealing. This includes salespeople who, if they’re unethical, could falsify sales commission records to illicitly line their own pockets. Because it’s sometimes impossible to spot crooks in your midst, be aware of potential sales commission fraud schemes and how best to detect and prevent them. How some may cheat Sales commission fraud can take several forms. For example, a retail employee bent on fraud may enter a nonexistent sale into a point of sale (POS) system to generate a commission. Or a dishonest sales associate might create a fraudulent contract that invents everything — including the customer. Another risk is overstatement of sales. In such cases,...

Protecting Your Business from Deepfake Deception

Deepfakes — digital forgeries produced by artificial intelligence (AI) — have blurred the line between reality and illusion. On the upside, AI-generated deepfakes have revolutionized special effects in motion pictures and made certain education and health care industry processes more effective. Yet there are also plenty of risks associated with deepfakes. Current threats Deepfakes purporting to represent public officials can disseminate disinformation and generate fake news stories. And if fraud perpetrators use deepfake images of a company’s owner or senior executives, they can more easily perpetrate phishing schemes and steal sensitive data. The threat extends beyond visible manipulation to audio. Deepfakes can mimic a specific individual’s voice to commit theft. For example, a so-called “business partner” might leave a voicemail instructing someone in your accounting department to wire...

Watch Out for Predatory Lenders

Whether you’re an entrepreneur seeking start-up funds or the owner of an established business that needs capital to make an acquisition or develop new product lines, be careful when looking for a lender. To avoid fraudsters and potentially dire consequences, you need to take your time and carefully screen anyone eager to lend you money. After all, there must be something in it for them. Ensure that those motivations are honest. Signs signifying trouble Predatory lenders often offer loans with punitive terms and conditions and nonrefundable upfront fees. They especially target businesses with a checkered history or inadequate collateral because they know such borrowers have fewer options and may be more willing to compromise. To tempt borrowers, bad actors might advertise a quick closing or a willingness...

Keeping Crooked Workers from Colluding in Fraud

According to the Association of Certified Fraud Examiners, when one occupational fraud perpetrator pulls off a scam, the employer suffers a median loss of $75,000. When crooked individuals team up, that median loss rises to $135,000. And when three or more crooks work together to defraud an organization? $329,000. That’s the power of collusion. If such financial consequences weren’t bad enough, collusion can also destroy a company’s reputation. After all, from the perspective of investors, lenders, customers and the general public, the defrauded business may seem corrupt and chaotic — certainly not trustworthy. So you must do everything possible to discourage collusion and other forms of fraud in your business. Preventing control workarounds Internal controls, or policies and procedures that can help minimize criminal behavior, are essential to...

BEC Fraud: How to Protect Your Business from a Growing Threat

Business e-mail compromise (BEC) has emerged as one of the most financially damaging online crimes. According to the FBI’s Internet Crime Complaint Center (IC3), organizations lost nearly $56 billion across approximately 305,000 incidents between October 2013 and December 2023. Increasingly, gift cards are playing a key role in BEC scams. Understanding how these schemes work can help prevent them from harming your business. Role of gift cards To steal from companies, BEC perpetrators use social engineering and computer intrusion techniques. Their goal is to trick email users into transferring funds to them. Although several BEC variations are active, cybercriminals usually impersonate senior executives and target lower-level employees by asking workers to fulfill what might seem like routine requests. These include sending money via wire or writing a check. In...

Know the Risks Before Outsourcing Business to Contractors

If your business is particularly busy, you may temporarily outsource some of its work to third-party contractors. Hiring contractors can be a cost-effective way to manage seasonal — or even ordinary — customer demands without hiring new employees or making other long-term investments. However, third parties can introduce some financial, legal and reputational risks. So it’s important to recognize potential threats and take steps to head them off before engaging contractors. 2 scenarios Consider the following example: A company employs an overseas trucking company to transport goods from a port to a customer’s warehouse. The driver, unfortunately, isn’t very honest and he pays a kickback to customs personnel to release the shipments quickly. This action subjects the company that hired the contractor to bribery and corruption charges...

Are Your Job Candidates Honest? A Look at Resumé Fruad

Job applicants must work hard to stand out in a crowded marketplace. For some, that means bending the truth — or outright lying — about their experience, skills and education. According to a survey performed by resumé-writing service StandOut CV, a staggering 64.2% of Americans have lied on their resumé at least once. Bad hires can generate direct and indirect costs, including lost productivity, customer dissatisfaction and wasted training time. In extreme circumstances, news of a bad hire can result in reputational damage. To make matters worse, if a dishonest new hire objects to being fired (or a candidate doesn’t get the job), the person could sue, leading to expensive legal bills. You can help protect against such losses by spotting dishonest resumés early in the...