0861 00 JTWO (5896)

fraudIn the follow-up to my previous piece on identifying invoice fraud, here I propose a few simple and practical steps to ensure that this does not happen to your business.

Invoice fraud, when a genuine invoice is altered to get a customer to pay for goods or services but into the wrong account, is increasing at a rapid rate, and while it is difficult to trace it is not impossible.

The seven steps are simple and cover training, attention to detail, verification, cross-checking alleged changes, checking for discrepancies, communicating with your suppliers, and managing your environment. Each is discussed in turn.

Print Email

invoice PaidInvoice fraud is considered a low-risk crime by fraudsters and is increasing at alarming levels because it is difficult to trace. Difficult, but not impossible!

What is invoice fraud you may be wondering? Well, it’s what happens when a genuine invoice is altered to get a customer to pay for goods or services but into the wrong account. It’s done by duping the customer (victim) to change bank details on their system – sometimes via telephonic instructions but mostly via email. The customer then thinks they have settled their invoice, though they have in fact paid this into the fraudster’s account. In just two weeks my company saw two incidents of invoice fraud with my clients. Here’s my take on how to identify and avoid invoice fraud.

How it happens

Without insider assistance, this type of fraud is very difficult to perpetrate. This is another of the many examples of an “insider threat” which must be recognised and protected against. Invoice fraud is usually only noticed when the customer argues that they have already paid the invoice, even though payment has not been received by the service provider. Despite being innocently duped into doing this, the fact of the matter is that the business is still liable by not having adequate systems in place augmented by user awareness programmes aimed at preventing this from happening.

Print Email

wannacryAnother week, another global outbreak. Yet you still don’t think you need real visibility? Really?

Are we really naïve enough to think that we are immune to being hit by these global threats?

Do we really think that everything is ok, even though millions around the world have been hit?

We really have become a special kind of stupid... Harsh? Maybe, but I hope this gets you to listen.

I speak to people everyday who are overwhelmed by the growing threat landscape. They hear of these threats and see the dangers and have felt the pain of a cyber-attack in the last few weeks or months – yet nothing has changed in the environment. You then think that you won’t be attacked again?

More discussions leads to more discussion. More talk about what needs to be done leads to nothing actually being done.

Updating a policy as a knee jerk reaction is one thing, but not doing anything to monitor what is really happening renders your policy worth only the piece of paper it is written on.

Print Email


Dark NetIT and business media are increasingly full of the threats posed by cybercrime. Based on my own extensive experience the threat is not exaggerated.

Many of the threats are underpinned by something called the Dark Web, or Dark Net. This term refers to an overlay network that exists in parallel to the Internet, which can only be accessed using specific software like a TOR (an application browser used on the dark web) browser, configurations or authorisation.

Dark nets are quite transient, appearing and disappearing at unexpected times. They contain a vibrant and thriving e-commerce sector in which participants trade in illegal goods and services. These markets offer goods like drugs, counterfeit money, stolen IDs, credit card details, and website and corporate access credentials.

Where do these thriving markets in this hidden cyber world get the goods they are selling in such quantities?

The answer is from you, or your network, often through a compromised device. Upon investigation, it is also clear that in almost every incident, the user and the people responsible for managing the computers and networks did not even know they had been compromised. In other words, they do not know to take post-factor remedial action.

An additional factor is that even a person with limited experience can quite easily access the tools and services needed to hack into sensitive data and credentials. In uncertain times, people look for new ways to make a little bit extra. These amateur hackers are compounding the already severe problem posed by criminal syndicates.

Print Email

john Mc LoughlinThe only place where an investment to prevent cyber-attacks is unnecessary is in the land of make-believe

Recently revealed research results by Kaspersky Lab would certainly indicate that prevention is not an option but should rather be a strategic business objective when it comes to cyber breaches. Kaspersky notes that large business losses from cyberattacks are estimated to be $861,000 per security incident. The report named: Measuring the Financial Impact of IT Security on Businesses* notes that small and medium businesses (SMBs) are paying $86,500 per incident. Significantly the cost of recovery is estimated to be directly related to time of discovery. Small to medium business were found to pay 44% more to recover from an attack discovered a week or more after the initial breach, compared to attacks spotted within a day. Enterprises corporations are estimated pay a 27% premium in the same circumstances.

Cybercrime is reported as the fastest growing industry worldwide and South African businesses lose around R2.2bn Rand annually to cyber-attacks.

It seems incredible that in an age where cyber threats evolve as quickly as technology develops, thousands of businesses in this country rarely, if at all, re-evaluate their vulnerability to this growing global issue.

Print Email