Looking for information on what to do for year end? Need information on Secure Act 2.0? Watch this webinar replay.
Posts published in “IT”
I wrote an article over 3½ years ago about direct deposit fraud, first published in the FBI annual Internet Crime Complaint Center (IC3) report for 2018, when about 100 complaints were reported. Today, years later, we are finding it occurring on too-regular of a basis, and I would not be surprised if there were 100 complaints a day. How it occurs is the fraudster diverts an employee’s paycheck to their “bank account,” which they will then clear out as soon as the funds hit on pay day. The two questions you may be asking are ‘how do they change the…
If you have an employee who drives their personal vehicle for a work related matter, it is the norm to reimburse the employee for the business-related use. It is a straight forward calculation by taking into consideration how many miles the person drove and multiplying it by a rate. The IRS even publishes a standard mileage rate of .58 cents per mile (2019). But what if that employee uses their mobile personal device (aka cell phone) in a Bring Your Own Device (BYOD) workplace? As employers implement paperless, streamlined, and automated solutions to their work environment, we are finding that…
Late last year, the Internet Crime Complaint Center (IC3), a division of the FBI released a public service announcement I-091818-PSA https://www.ic3.gov/media/2018/180918.aspx regarding the practice of payroll diversion by cyber-criminals. This announcement identified employees whose online self-service portal credentials were compromised, typically through a phishing attempt, and the criminal would change the direct deposit bank account of the employee to a loadable debit card in their possession. Unfortunately, once funds are sent to a debit card, the criminal can withdraw them without a trace. I am expanding that announcement to include another case of payroll diversion that we have seen. While…
A CSV file is a text file that uses commas to separate values into columns. This data format has been around for along time and is extremely easy to use, but is also widely misunderstood. With such a simple definition you might be wondering why I’m writing this article. That, or you’re one of the people I work with on a daily basis who are utterly confused when I suggest that a CSV file is anything other than a Microsoft Excel file. Before I go any further, let’s look at some content that would be typical of a CSV file: The…
A biometric recognition timeclock is a great way to assure that the employee who is ‘on the clock’ is actually the one on-site and performing work, as it utilizes a part of the person’s body as their verification. In mainstream practice, I find two main types of biometric clocks; hand recognition and fingerprint recognition. In this article, I will discuss a few pros and cons, and how reliable they are in making a positive id. First up is hand recognition. The device is the HandPunch clock which reads the unique geometry of each person’s hand. Contrary to popular belief, it…
This has been an interesting week in the world of information security. On Tuesday, Brian Krebs blog site, KrebsOnSecurity, posted an article detailing how a number of self service accounts were hijacked from ADP. In short, due to a weak registration process and a far too lackadaisical approach to stale accounts (i.e., accounts that were never activated by employees) on ADP’s part, as well as the inadvertent posting of sensitive registration codes on the part of a number of clients including a large commercial bank, U.S. Bancorp, victimizers were able make self service accounts for a considerable number of dormant accounts. In turn, the intruders used…