To help us further illustrate the threat of external fraud, let’s look at a case investigated by Uphando.
External Fraud Investigation by Uphando
This case involves a school and their Hostel, Cleaning and Daily Food supplier.
The school received an email from a fraudulent email address regarding change of banking details of the supplier. The email was set up in such a way that it looked like a legitimate email from the supplier. Payments were then made to the new bank account, without the school verifying the change with the supplier. The supplier also provided statements and account codes to a third-party who claimed to be an auditor of the school, also failing to verify this with the school first. The fraud was extremely well planned and executed and it was clear that the perpetrators received good intelligence that assisted them in the execution of their cyber attack. This, combined with negligence on behalf of all parties involved, as well as weaknesses of internal controls, lead to a financial loss of over five hundred thousand Rand.
So what about the front door? Although none of the staff members of the school or the supplier were implicated in the fraud, if internal controls, policies and procedures had been in place and followed, the losses could have been minimised or not taken place at all.
The alarming thing about this is that we see a number of breaches of this nature annually where the very basics of security have been ignored.
Protect your business today! Ask us how.