Cyber crimes continue to rise, and big companies are no longer the sole target. The FBI recently issued their 2024 annual report on internet crimes and there were 859,532 complaints filed, totaling $16.6 billion in losses last year. That represents a 33% increase in losses, compared to 2023. The average loss is $19,372, and those numbers only represent what has been reported to the FBI. The actual loss is estimated to be much greater, as most losses go unreported. Fortunately, there are ways to protect your business from cyber criminals, like having secure networks and training your staff to look…
Posts published in “Security”
Looking for information on what to do for year end? Need information on Secure Act 2.0? Watch this webinar replay.
I wrote an article over 3½ years ago about direct deposit fraud, first published in the FBI annual Internet Crime Complaint Center (IC3) report for 2018, when about 100 complaints were reported. Today, years later, we are finding it occurring on too-regular of a basis, and I would not be surprised if there were 100 complaints a day. How it occurs is the fraudster diverts an employee’s paycheck to their “bank account,” which they will then clear out as soon as the funds hit on pay day. The two questions you may be asking are ‘how do they change the…
Late last year, the Internet Crime Complaint Center (IC3), a division of the FBI released a public service announcement I-091818-PSA https://www.ic3.gov/media/2018/180918.aspx regarding the practice of payroll diversion by cyber-criminals. This announcement identified employees whose online self-service portal credentials were compromised, typically through a phishing attempt, and the criminal would change the direct deposit bank account of the employee to a loadable debit card in their possession. Unfortunately, once funds are sent to a debit card, the criminal can withdraw them without a trace. I am expanding that announcement to include another case of payroll diversion that we have seen. While…
A biometric recognition timeclock is a great way to assure that the employee who is ‘on the clock’ is actually the one on-site and performing work, as it utilizes a part of the person’s body as their verification. In mainstream practice, I find two main types of biometric clocks; hand recognition and fingerprint recognition. In this article, I will discuss a few pros and cons, and how reliable they are in making a positive id. First up is hand recognition. The device is the HandPunch clock which reads the unique geometry of each person’s hand. Contrary to popular belief, it…
This has been an interesting week in the world of information security. On Tuesday, Brian Krebs blog site, KrebsOnSecurity, posted an article detailing how a number of self service accounts were hijacked from ADP. In short, due to a weak registration process and a far too lackadaisical approach to stale accounts (i.e., accounts that were never activated by employees) on ADP’s part, as well as the inadvertent posting of sensitive registration codes on the part of a number of clients including a large commercial bank, U.S. Bancorp, victimizers were able make self service accounts for a considerable number of dormant accounts. In turn, the intruders used…