Scammers use DocuSign API to send fraudulent invoices
CFOs, beware: cybercriminals are exploiting DocuSign’s legitimate business tools to deliver fraudulent invoices directly through trusted channels. This scheme is particularly dangerous …
Australia is currently facing a fraud pandemic. According to a recent survey, 22% of Australian companies impacted by fraud say they lost more than $7.1 million. 40% of Australian companies impacted by fraud say it cost them more than $1.4 million.
In other words, fraud isn’t chump change. It can cost your organisation big time.
To raise awareness of the risks of fraud, 13 to 19 November 2022 has been designated as Fraud Awareness Week. With the right awareness in place, we demonstrate how to stop a fraudster and become your organisation’s fraudSTAR!
What motivates someone to commit fraud?
That’s a difficult question to answer, as every case is unique. Different individuals will be motivated by different factors.
However, Eftsure has been helping Australian organisations stop some of the most common types of fraud, such as supplier payment redirection, for many years. Based on our experience, each fraud incident contains three common traits that we call the “Unholy Trinity” –
An individual may be experiencing significant financial pressure due to debts. This can cause the person to think irrationally and to take actions they otherwise would not take.
Alternatively, they may be experiencing pressures as a result of addiction, typically gambling addiction. This may cause the person to resort to fraud as a way to satisfy their addiction.
An individual may identify an opportunity to carry out fraudulent acts, particularly if they are very familiar with an organisation’s internal processes and controls.
Once they identify a loophole, they find it impossible to avoid taking advantage of the opportunity that presents.
An An individual that engages in fraud often finds ways to justify their acts to themselves.
Typically, this involves a sense of grievance, where the individual feels they have been overlooked for a raise or a promotion.
When it comes to stopping fraud, it helps to know what to be on the lookout for.
We have previously investigated the behavioural red flags that should raise suspicions. However, there are also certain personality traits that could indicate that someone you work with may be motivated to carry out fraud.
These are our 8 fraudster personas to lookout for:
This is the type of individual who does not follow company policies. At the heart of a fraud prevention program are policies that embed controls. These controls are essential to mitigate the risk of fraud. Even if Reckless Rick isn’t a fraudster, by undermining company controls, he may be enabling others to commit fraud.
This is an individual who deceives others in order to gain some advantage. For example, Deceiver Dave may seek to deceive others into rapidly processing unauthorised payments, without following normal controls or procedures.
One of the most common types of frauds involves impersonating a senior executive, such as the CEO or CFO, as a prelude to deceiving accounts payable (AP) staff into processing unauthorised payments. Impersonator Igor may find a way to infiltrate a senior executive’s email account and will misuse it for nefarious purposes.
Sometimes, a fraudster will fabricate false or inflated invoices, and submit them for payment to the AP team. Fabricator Fabio can be hard to identify and stop as he knows all the internal controls and understands how to circumvent them.
This is an individual who manipulates others to take certain actions that advantage him. For example, Coercer Colin may manipulate or coerce a colleague into giving him access to the Vendor Master File so he can change supplier information and have payments redirected to a bank account he controls.
Sometimes those in positions of authority exploit their seniority for personal gain. Exploiter Edward may use his position as a Team Leader, to instruct AP staff under him to bypass normal financial controls. This could allow him to defraud the organisation.
A common feature of fraudsters in secrecy. A concealer will want to hide their activities for as long as possible. Concealer Conner will resist sharing information, or rotating job roles, so others have very little opportunity to uncover his fraudulent activities.
Collusion between individuals can undermine Segregation of Duties and enable fraud. For example, Organised Owen, who is responsible for inputting payment data into the ERP, organises for his colleague, who is responsible for processing the payments, to do so without following the usual procedures.
Stopping fraud in its tracks is no easy feat.
It requires a holistic approach that brings together people, processes and technology.
When it comes to your people, ensure you have extensive fraud training in place. Staff must understand what is expected of them, how they can identify potential fraud and what whistle-blower protections are in place if they report a suspected misdemeanour.
As for processes, it is essential that you have both internal and external auditing in place. This will ensure you can monitor activities occurring within the organisation and will alert you to suspicious activities promptly.
Perhaps most importantly, you need tools that automate your ability to have constant visibility over outgoing funds.
With Eftsure sitting on top of your accounting processes, you have an indispensable tool that provides constant visibility over outgoing funds.
Eftsure ensures you have an audit trail of all outbound transfers. Anything suspicious payments can be readily identified and investigated. Attempts to manipulate supplier payment details, so funds can be redirected to an illegitimate bank account, can be rapidly flagged, helping you reduce the risk of fraud.
With Eftsure in place, you really can ensure you become a fraudSTAR!
Contact us today for a full demonstration.
CFOs, beware: cybercriminals are exploiting DocuSign’s legitimate business tools to deliver fraudulent invoices directly through trusted channels. This scheme is particularly dangerous …
Because LinkedIn is used as a professional networking platform, account holders don’t use the same caution as they would on Facebook or …
Fraud is usually associated with deception, manipulation, and crime, but what many people don’t realize is that not all scams are illegal. …
End-to-end B2B payment protection software to mitigate the risk of payment error, fraud and cyber-crime.