Scammers use DocuSign API to send fraudulent invoices
CFOs, beware: cybercriminals are exploiting DocuSign’s legitimate business tools to deliver fraudulent invoices directly through trusted channels. This scheme is particularly dangerous …
Business identity theft is an increasingly popular crime among Australians. There are various ways a hacker can steal your identity, especially with the increased use of technology. This includes infiltrating your emails, ERP systems, network or personal devices.
The good news is that you can implement controls to prevent identity theft. In this blog, we will discuss how to prevent identity theft in 7 steps with easy-to-implement strategies.
Before implementing procedures to protect your accounts payable team from identity thieves. It’s important to recognise the several tactics an identity thief may use:
Given the rising costs of data breaches, organisations must establish strong security controls. If you are looking to protect your personal or financial information and prevent data loss, here are a few steps to get started:
Source: Australian Cyber Security Centre (ACSC)
The first easy step to protect your identity is by implementing multi-factor authentication (MFA).
For instance, one simple action can prevent 99.9% of attacks on your accords according to Microsoft. Enabling MFA will reduce the risk of account takeovers and provide additional security to help ensure your organisation’s networks, applications, accounts and endpoints.
Getting started with MFA is simple, it requires you to enter at least two to three of the following to authenticate before accessing your account:
It won’t be enough for scammers to have your password to access your account. The extra security protocol is effective for anyone who is looking to secure their data.
Installing antivirus or security software is great for organisations that are looking to detect and prevent hackers from accessing the information on their work devices. A standalone work device should never be left unprotected. In 2022 it’s a must-have for enterprises, especially with the new methods of hacking and scamming.
Don’t stop there, adding a Virtual Private Network (VPN) on top of your security software will significantly minimise the risk of identity theft. According to Norton, a VPN “gives you online privacy and anonymity by creating a private network from a public internet connection”.
This means, that while you are using work devices to carry out your job function, you can hide your IP address whenever you’re surfing the web or downloading files, ensuring that your data is encrypted.
Another simple yet effective way to prevent identity theft is to ensure that your passwords are unique. This involves establishing a unique password for each account using upper and lower case words, numbers & special characters. Cyber.gov.au recommends creating a unique password for every account of at least 14 characters.
This makes it extremely difficult for fraudsters to hack or attempt to brute force into your accounts. If tracking each unique password is challenging, you should consider using a password manager. Using a password manager will save all your login details freeing you of the burden of remembering each password.
Checking your credit scores and reports can help you better understand your current credit position. Regularly checking your credit reports can assist you to detect any inaccurate or incomplete information. Usually, when individuals fall victim to identity theft, their credit scores are negatively impacted.
Requesting a credit report is free and straightforward. You can request a free copy if you’ve been refused credit within the past 90 days or if your credit-related personal information has been corrected.
Financial identity theft is one of the most common forms of identity theft. That’s why every organisation must verify payee details such as the BSB and Account Number before releasing funds.
Reviewing the payee and bank statements allows you to investigate any fraudulent activity and reacting promptly can prevent cyber criminals from attempting identity theft. If you don’t recognise a bank account or a transaction, you should report this to your bank immediately.
When browsing the web, you should only use trusted domains and websites. For example, a secure domain will have a padlock symbol next to the URL meaning that the connection between your web browser and website service is “encrypted”. Accessing websites that are not secure can leave you vulnerable to malware and infections.
All types of intellectual property and files should be backed up on One Drive, iCloud, or Google Drive. Backups are important because they protect against human errors, computer viruses or power failure. If you experience a data breach or infection, backing up documents and files can save you countless hours of recovering files post-attack.
Once identity theft occurs, it can be a devastating experience for any organisation.
According to the AIC, the annual economic impact of identity crime exceeds $2 billion.This kind of organisational damage is not an easy recovery and most businesses may not be able to recover at all. As a CFO, it’s important to be aware of the dangers and to take action against this severe threat.
With Eftsure, our real-time alerts will allow you to investigate any fraudulent activity before releasing payment by verifying the BSB and Account Number. This gives your accounts payable team assurance that your information is not being stolen by identity thieves.
Contact Eftsure today, for a full demonstration of how we can protect your business from identity theft.
CFOs, beware: cybercriminals are exploiting DocuSign’s legitimate business tools to deliver fraudulent invoices directly through trusted channels. This scheme is particularly dangerous …
Because LinkedIn is used as a professional networking platform, account holders don’t use the same caution as they would on Facebook or …
US construction and government sectors lost $7.7 million in BEC scams. Learn how fraudsters exploited financial controls and how finance leaders can protect their organisations.
End-to-end B2B payment protection software to mitigate the risk of payment error, fraud and cyber-crime.