Business

Vishing Attacks be-aware!

VishingVishing Definition

The fraudulent practice of making phone calls or leaving voice messages purporting to be from reputable companies in order to induce individuals to reveal personal information, such as bank details and credit card numbers.
“many victims of vishing are people who are not tech-savvy

Vishing Protection

Please take the following measures to protect  yourself from vishing attacks:

 

  • If you see a missed call from an unknown number on your personal or professional device, do not call back. Your account could be charged if you return the call.

 

  • Hang up if you hear no response after a few seconds of picking up the phone.

 

  • Do not trust your caller ID. Be aware that even if your caller ID displays the phone number and/or name of a legitimate person or company, the call is not necessarily coming from that number.

 

  • Never provide credit card information or other private information to anyone who calls you.

 

  • If you receive a phone call and someone immediately asks, “Can you hear me?” hang up. This recent scam uses your recorded “yes” response to authorize purchases.

Fraud: detecting it in Accounts Payable

Fraud Definition of Fraud:

noun
*  wrongful or criminal deception intended to result in financial or personal gain.
“he was convicted of fraud”
synonyms: fraudulence, cheating, swindling, embezzlement, deceit, deception, double-dealing, chicanery, sharp practice; More
*  a person or thing intended to deceive others, typically by unjustifiably claiming or being credited with accomplishments or qualities.
“mediums exposed as tricksters and frauds”
synonyms: impostor, fake, sham, charlatan, quack, mountebank;

Fraud: it brings on many changes

It’s a reoccurring theme, just like in the lyrics of “Suicide is Painless” (the theme to M*A*S*H,  only in the movie did you ever hear the lyrics).  It sucks the life blood out of your business.  And it can bring complete financial ruin.  It is contagious.  Slowing its spread can be difficult.  Like the common cold it can’t be stopped.

 

Jeramy Kaiman VP Accounting Principals wrote a blog on detecting fraud “How to Detect Accounts Payable Fraud“. In it he describes three ways to uncover the chicanery.

  1.  Consider the human element.
  2.  Verify all vendors.
  3.  Test transactions.

All valid steps.  Some of the human elements Kaiman talks about are telltale signs that a person is open to corruption.  Mr. Kaiman talks about living beyond one’s means, other traits are being disgruntled, showing antisocial and other behavioral issues at work.  As I said, these signs show that a person is open, not that they are or will be corrupted.  This leads to additional methodologies that diminish the ability to commit fraud.

How can you combat fraud?

What’s good for the goose is good for the gander.

Don’t let the managers flaunt their positions.  Don’t have two sets of rules, one for them, the other for us.  That just adds discontent, malice and destroys morale.  Bad morale leads to disgruntled employees and an increase in fraud and a decrease in productivity.

Conspiracy theory.  Have you ever played telephone as a kid.  A bunch of kids sit in a line or large circle.  Someone whispers a pre-written sentence to the first in line, and they share it with the person next to them.  Upon the last person hearing the sentence, have that person tell the whole group.  The original sentence is compared.  Invariably it has no bearing on that written sentence. Now think conspiracy

One person, easy to keep a secret.  Two people a little more difficult.  Three more difficult and the difficulty gets harder as the circle is widened.  Institute internal controls.

Make sure  multiple people need to not only approve, but look at the transactions.  Use technology and pre-existing rules and procedures in that technological system.  Limit or eliminate exceptions to the rules.

If everthing is an exception; than the exception becomes the rule!

Have an outside party review your internal controls.

Like we said, you can’t eliminate fraud, but you can minimize and mitigate it.

Don’t be fooled

By the way, there is fraud in Accounts Payable, Accounts Receivable, Sales, Inventory, Purchase Orders.  In fact there can be games played in every aspect of your business and the accounting system.  When key people go on vacation (and you must insist that everyone take at least 5 consecutive days of vacation), look at their work and see if it is on the up and up.  Not taking vacations or 5 consecutive days is also a telltale (besides being unhealthy).

 

 

Protecting Your Data and Networks From Ransomware

Symantec-ransomware-image

There is a major RANSOMWARE attack on-going in more than 70 countries

This was first reported May 13th 2017 and over 100 countries have been affected.  

The attack favors Microsoft Window machines.  According to Microsoft if you use their auto-updating feature then you recieved the security update that protects you against this particular attack.  If you don’t, UPDATE IMMEDIATELY!!

Ransomware

An article appeared with this very title about Ransomware on the Financial Executives International website by Dave Pelland on April 25th, 2017.   I then brought up the subject (again) about cyber security, ransomware, data backups on the CFO website Proformative.com.  And yet, the response from the CFO community has been tepid.

There are so many scams. The fake IT department calling and requesting your IP address.  Why? To malware embedded in websites and email.  The unwary, non-proficient or the just a disgruntled person can fall victim to many different scams.  Once you fall victim, the consequences can become devastating. Continue reading »

Bank Reconciliation: small business series

Bank Reconciliation

Check Register Bank ReconciliationToo often the start-up company doesn’t see a need to implement accounting and accounting controls.  They start their new company and run their business out of their checkbook.  Their check register and bank statement become their accounting system. Not only that, they never do a bank reconciliation.

This mode of operation is fraught with issues that can ruin a good idea faster than that speeding bullet.

How often do you do your bank reconciliation on your personal account?  Did you record all those checks? What about the zillion debit card transactions?  How do you know someone didn’t slip an unauthorized check or charge into the mix?

The picture to the right is a simplistic check register.  Not much different than the register’s that come with your checkbook.  So what’s wrong with this register?  I see several issues.  Most glaring is there are missing check numbers.  What happened to check 54356 and 54357?  Were they destroyed, are the saved for future use (and why) or did you forget to record them.  If you did use them, how much were they for?  Are you now in overdraft?

Or, did someone take the checks and commit a fraud?

Is your company checks and checkbook locked away?

Do you have a process for writing checks?

Continue reading »

Revenue Streams: have you ever thought about them?

I was reading an article in CFO.com, titled Services With A (CFO) Smile.  It was about revenue streams.  It got me thinking.

Revenue Streams

revenue streamI cannot remember when a conversation has ever ensued that discussed revenue streams in this context.  The differentiation of products and services to obtain revenue at different points in the fiscal year.

Now we have discussed new products and new business lines including acquisitions and strategic partnerships as ways of growing sales.  However, the fact that these new lines may or may not have different cycles never came up.  Maximizing our productivity of the different components of the company, was also never in the mix.

Obviously if you can keep productivity near 100% daily, you will have reaped full benefit of fixed assets and expenses, as well as employees.  Logically, if that increased productivity worked its way to sales (revenues), the bottom line would also show improvement. Continue reading »