SCAMMED! A Cautionary Tale and a Defense Strategy Presenters: Ann Kokx-Templet Director of Contracts and Purchasing Services
Bill Dickerson Director of Accounting and Financial Services Attack Types Methods of Attack
Payment Fraud Continues on the Uptick Percentage of firms that experienced actual and/or attempted payment fraud in 2017 Prevalence of Fraud by Payment Type
Sources of Actual / Attempted Payment Fraud in 2017 Payroll Fraud Payment Fraud and
How the Scam Occurred 3/19/2018 - Fraudster opened new domain name from
namecheap.com 3/19/2018 10:43 AM Fraudster sent email request to San Jac to update supplier ACH
electronic payment banking information 3/19/2018 10:49 AM
SJC Forwarded new direct deposit form to Fraudster 3/19/2018 11:22 AM
Received new direct deposit form and copy of voided check with new routing number
3/19/2018 11:22 AM Received direct deposit form and copy of voided check with routing
number 3/22/2018 Payment intended for a construction contractor issued to the fraudsters account with confirmation sent to email on record 3/26/2018 - PNC Bank contacted JPM
Chase (our bank) because they suspected it may be fraudulent Our Response and Cure Measures Team formed with department leaders from Accounting, Accounts Payable, Purchasing,
Internal Audit, Payroll and Police Informed supplier of the fraud College Police started investigation Issued subpoenas to obtain bank account and domain names owner information Implemented new controls and formal procedures to prevent recurrence of this type of fraud
Insurance (Crime Policy) coverage limited to $150,000 Key Controls Obtain confirmation from supplier on all
changes Confirm using contact information in existing vendor database, not the information provided in an email or new invoice Only accept information from communication we initiate
Accept information from Controller or Accounts Receivable personnel only Banner FTMVEND using FOATEXT Document all changes Date
Initials of person making changes Phone number or email that was contacted Name and job title of person at firm who supplied the information Notate everything that was changed in the record
Update Address and Direct Deposit Information Other Preventative Measures Implementation of Tighter
Internal Controls Partner with Accounts Payable and Purchasing Publish a clear payment processing policy and follow it Enforce strict compliance with the payment and vendor set-up process
Keep a clean vendor master database Perform callbacks on all account change requests Be watchful for potential malware links If something doesnt feel right, ask questions
DONT BE RUSHED Partner with Accounting Teams Bank account reconciliation is a key control to detect fraud Consider implementing daily automated reconciliation process for:
Bank statements Receivables matching Check clearing Enforce strict segregation between financial payment systems Watch out for overpayment or duplicate payment refund
requests from accounts receivable Partner with Audit Team Engage audit teams early and often Immediately report fraud and ask your internal audit team to engage in a risk
assessment Perform access reviews to keep system access clean and limited to only those who require it Partner with Technology Teams
Awareness, training and repetition are important tactics in preventing cyberattacks Mandate cybersecurity training Provide phishing awareness reminders as well as reporting tools Implement social engineering exercises to test readiness
Tips for Identifying Phishing Emails Sender name is vague or generic Subject does not specify the purpose of the email Sender address has a suspicious domain (i.e. builders-US.com) Grammar, spelling or punctuation mistakes
Look for foreign spellings of English words such as Organise instead of Organize Uses authoritative language to entice the user to respond quickly Link is obfuscated Absence of a logo or improper use of text and graphics Unusual web links or attachments
Tell Us About Your College Thank you. Source Credits: Association for Financial Professionals
(AFP), Payments Fraud and Control Survey, Underwritten by J.P. Morgan Chase
CSCE 212 Chapter 8 Storage, Networks, and Other Peripherals Instructor: Jason D. Bakos Magnetic Disk Storage: Terminology Magnetic disk storage is nonvolatile 1-4 platters, 2 recordable surfaces each 5400 - 15,000 RPM 10,000 - 50,000 tracks per surface Each track...
On Mount Olympus, the gods created a young woman. Each one gave her a special gift, such as a silvery gown, a golden crown, great beauty, and garlands of flowers. They named her "Pandora," which means "the gift from all."
What exciters can we add to keep the customer with us? What types of documentation / training needed for users? Are compliance documents needed to sustain business? How to technology current to avoid risks from shelf-life? How to avoid technical...
Welcome to 1st Grade Mrs. Arthur RM 310 Mrs. Dew RM 308 Mrs. Lepick RM 311 Mrs. Lingenfelter RM 309 What is First Grade all about? Forming a classroom community Fostering independence Teaching responsibility Standards Based Instruction using the AZCCRS.
Mid-Point Peer Review of AIU Data. 2024 - 2025. Self-Study Evaluation using the "New" 7 Standards. MSCHE Evaluator Team Site Visit. Requirements of Affiliation. ... mission-centric standards acknowledge the diversity of institutions.