To accommodate remote work requirements organizations continued to make changes to technology infrastructure. For the information technology team, remote work is common but there are many other departments this may be the first time. Over a few weeks, many organizations continued to make emergency changes to ensure the business continues without interruption. As a result, organizations are exposed to cybersecurity vulnerabilities and you will find a lot of information on how to manage cyber threats. The other most important area that needs attention is \u201cFraud\u201d and many small to medium organizations are not ready or have not considered fraud risk.<\/p>\n\n\n\n
In today\u2019s blog, we have shared information about fraud basics and quick tips. The fraud schemes such as internal and external defraud companies, and other techniques such as the Ponzi scheme, identity theft, skimming, etc. defraud individuals.<\/p>\n\n\n\n
Internal Fraud –<\/strong> <\/span>Committed by employees, manager, officers, or owners of the company<\/p>\n\n\n\n External Fraud<\/strong> – <\/span>Committed by customers, vendors, and other parties<\/p>\n\n\n\n Internal frauds are illegal acts of employees against the company and examples include:<\/p>\n\n\n\n External fraud covers a broad range of schemes by customers, vendors, and other parties. The threat of security breaches, stealing intellectual property, tax fraud, hacking, bankruptcy fraud, and loan fraud.<\/p>\n\n\n\n According to 2018 Association of Certified Fraud Examiners (ACFE), common occupational fraud schemes in various industries are as follows:<\/p>\n\n\n\n Per 2018 ACFE report, the common asset misappropriation sub-schemes with greatest risk are:<\/p>\n\n\n\n Non cash, Billing, Cash and Payment Tampering, Cash Larceny, Skimming, Payroll, Expense Reimbursement, Cash on hand, Register Disbursement<\/p>\n\n\n\n Corruption represents one of the most significant fraud risks for organizations in many industries and regions. Common corruption schemes:<\/p>\n\n\n\n Other common types of fraud include but are not limited to:<\/span><\/strong><\/p>\n\n\n\n How do you?<\/span><\/strong><\/p>\n\n\n\n COVID 19 Quick Checklist R- Review<\/strong><\/strong><\/p>\n\n\n\n AC \u2013 Additional Checks or Testing<\/strong><\/strong><\/p>\n\n\n\n <\/p>\n","protected":false},"excerpt":{"rendered":" To accommodate remote work requirements organizations continued to make changes to technology infrastructure. For the information technology team, remote work is common but there are…<\/p>\n","protected":false},"author":1,"featured_media":2712,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[81],"tags":[],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/blog.einnosec.com\/index.php\/wp-json\/wp\/v2\/posts\/1732"}],"collection":[{"href":"https:\/\/blog.einnosec.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.einnosec.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.einnosec.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.einnosec.com\/index.php\/wp-json\/wp\/v2\/comments?post=1732"}],"version-history":[{"count":4,"href":"https:\/\/blog.einnosec.com\/index.php\/wp-json\/wp\/v2\/posts\/1732\/revisions"}],"predecessor-version":[{"id":2312,"href":"https:\/\/blog.einnosec.com\/index.php\/wp-json\/wp\/v2\/posts\/1732\/revisions\/2312"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/blog.einnosec.com\/index.php\/wp-json\/wp\/v2\/media\/2712"}],"wp:attachment":[{"href":"https:\/\/blog.einnosec.com\/index.php\/wp-json\/wp\/v2\/media?parent=1732"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.einnosec.com\/index.php\/wp-json\/wp\/v2\/categories?post=1732"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.einnosec.com\/index.php\/wp-json\/wp\/v2\/tags?post=1732"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}Industry<\/strong><\/td> Schemes <\/span>(2018 ACFE Survey Report)<\/span><\/strong><\/td><\/tr> Banking\/ Financial Services<\/strong><\/td> Corruption, Cash on hand, Cash larceny, Check and payment tampering, Noncash, Billing<\/td><\/tr> Manufacturing<\/strong><\/td> Corruption, Billing, Noncash, Expense Reimbursement, Cash on hand<\/td><\/tr> Government\/Public Administration<\/strong><\/td> Corruption, Billing, Noncash<\/td><\/tr> Health care<\/strong><\/td> Corruption, Billing, Noncash, Expense Reimbursement<\/td><\/tr> Retail<\/strong><\/td> Noncash, Corruption, Billing, Expense reimbursement<\/td><\/tr> Education<\/strong><\/td> Corruption, Billing, Cash larceny, Cash on hand, Noncash<\/td><\/tr> Technology<\/strong><\/td> Corruption, Billing, Noncash, Expense reimbursement, Financial statement fraud<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n #<\/td> Questions<\/span><\/strong><\/td> R<\/td> AC<\/td><\/tr> <\/strong><\/td> Incident Management<\/span><\/strong><\/td> <\/td> <\/td><\/tr> <\/td> Ensure that adequate support staff is available to address the questions from remote workers and resolve the issues in time<\/td> <\/td> <\/td><\/tr> <\/td> Check the incident backlogs and review if high- risk issues are addressed on high priority<\/td> <\/td> <\/td><\/tr> <\/td> Check if the employees are notified and aware of the security incident procedures<\/td> <\/td> <\/td><\/tr> <\/td> Emergency Changes<\/span><\/strong><\/td> <\/td> <\/td><\/tr> <\/td> Without having a strong emergency change management process in place, the review of emergency changes is a high priority<\/td> <\/td> <\/td><\/tr> <\/td> Lack of categorization and risk rating for emergency changes means a review of a larger sample of changes.<\/td> <\/td> <\/td><\/tr> <\/td> Risk Review<\/span><\/strong><\/td> <\/td> <\/td><\/tr> <\/td> Perform the sample check of change management risk assessment forms for the changes implemented during the last eight weeks<\/td> <\/td> <\/td><\/tr> <\/td> Review emergency risk assessment forms where assessment is performed after the implementation of emergency changes.<\/td> <\/td> <\/td><\/tr> <\/td> Ensure risk are defined and rated as per risk register in change risk assessment forms<\/td> <\/td> <\/td><\/tr> <\/td> In the absence of Risk Register ensure that risks are defined, categorized, and rated properly<\/td> <\/td> <\/td><\/tr> <\/td> Ensure that controls mentioned in the risk assessment forms are valid controls including compensating controls<\/td> <\/td> <\/td><\/tr> <\/td> Ensure forms are valid and some of them may need periodic review<\/td> <\/td> <\/td><\/tr> <\/td> Firewall Changes<\/span><\/strong><\/td> <\/td> <\/td><\/tr> <\/td> Review firewall change approvals<\/td> <\/td> <\/td><\/tr> <\/td> Review firewall change logs and change approvals for selected<\/td> <\/td> <\/td><\/tr> <\/td> Review all firewall changes related to third party requirements<\/td> <\/td> <\/td><\/tr> <\/td> Physical Security<\/span><\/strong><\/td> <\/td> <\/td><\/tr> <\/td> Check with the facilities department that physical security checks are in place for any employees reaching office and proper approval is in place before allowing anyone to enter the premises.<\/td> <\/td> <\/td><\/tr> <\/td> Cybersecurity Checks<\/span><\/strong><\/td> <\/td> <\/td><\/tr> <\/td> Check the most recent laptop imaging standards and review procedures for secured connections<\/td> <\/td> <\/td><\/tr> <\/td> Check the recent reports for application antivirus, DLP, and software patch updates<\/td> <\/td> <\/td><\/tr> <\/td> Question if the number of laptops without the latest patches and updates is above the threshold<\/td> <\/td> <\/td><\/tr> <\/td> Check the privileged access granted to third parties to access the production data, sensitive data, privacy data, and applications remotely<\/td> <\/td> <\/td><\/tr> <\/td> Verify if the logs are maintained and reviewed for privileged access especially changes to applications in a production environment<\/td> <\/td> <\/td><\/tr> <\/td> Check if screen lock settings are functioning as intended<\/td> <\/td> <\/td><\/tr> <\/td> Check the cyber threat reports during the last eight weeks and review how the high-risk threats are addressed and check if timely actions were taken<\/td> <\/td> <\/td><\/tr> <\/td> Review remote access approvals for sensitive data<\/td> <\/td> <\/td><\/tr> <\/strong><\/td> Business Continuity\/Disaster Recovery<\/span><\/strong><\/td> <\/td> <\/td><\/tr> <\/td> Review incident tickets created for backup issues within the last eight weeks<\/td> <\/td> <\/td><\/tr> <\/td> Check for major issues and how it is addressed<\/td> <\/td> <\/td><\/tr> <\/td> Check for the latest backup details and no issues reported<\/td> <\/td> <\/td><\/tr> <\/td> Data Security<\/span><\/strong><\/td> <\/td> <\/td><\/tr> <\/td> Check with the encryption team if they have reported any issues and any incident ticket is pending resolution<\/td> <\/td> <\/td><\/tr> <\/td> Check if the new laptops have proper encryption controls in place<\/td> <\/td> <\/td><\/tr> <\/td> Physical Security<\/span><\/strong><\/td> <\/td> <\/td><\/tr> <\/td> Check with the facilities department that physical security checks are in place for any employees reaching office and proper approval is in place before allowing any one to enter the premises<\/td> <\/td> <\/td><\/tr> <\/strong><\/td> Compliance<\/span><\/strong><\/td> <\/td> <\/td><\/tr> <\/td> Conduct inquiry and perform a high-level review of high-risk compliance controls<\/td> <\/td> <\/td><\/tr> <\/td> Review any major issues reported impacting compliance<\/td> <\/td> <\/td><\/tr> <\/td> Customer Complaints<\/span><\/strong><\/td> <\/td> <\/td><\/tr> <\/td> Check the customer complaint tickets and volume of the tickets during the last eight weeks compared to earlier<\/td> <\/td> <\/td><\/tr> <\/td> Check for repetitive and major high-risk issues and resolutions in place or pending status<\/td> <\/td> <\/td><\/tr> <\/strong><\/td> Training<\/span><\/strong><\/td> <\/td> <\/td><\/tr> <\/td> Check if the training such as phishing, ransomware, malware, etc. is conducted at least once during the last eight weeks. Ensure employees are aware of what needs to be protected.<\/td> <\/td> <\/td><\/tr> <\/td> Ensure employees are aware that hardware is not shared while working from remotely<\/td> <\/td> <\/td><\/tr> <\/strong><\/td> Fraud Checks<\/span><\/strong><\/td> <\/td> <\/td><\/tr> <\/td> Especially important for certain clients. Checks from the fraud perspective are important and ensure processes and controls operating as intended<\/td> <\/td> <\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n