Help Protect Your Employees' 401(k) Plan Savings from Fraud

Recently, a 401(k) plan participant was defrauded of approximately $740,000 when he fell victim to an elaborate scheme perpetrated by overseas criminals. However, even friends, family members and employers have been discovered stealing from 401(k) accounts, adding up to millions of dollars in losses every year. Here’s what your organization can do to help keep your employees’ retirement savings safe from theft. Assessing existing protections If your organization sponsors a 401(k) plan, assessing plan service providers’ protection systems and policies is essential. Most providers carry cyber fraud insurance that they extend to plan participants. But there may be limits to this protection if, for example, the provider determines that you (the sponsor) or employees (participants) opened the door to a security breach. Your plan’s documents may say that...

How Your Business Can Fight ATM Skimming

Skimming, where criminals use hidden digital readers to steal debit and credit card information, is a pervasive threat that can result in significant financial losses for businesses. The FBI estimates that ATM and point-of-sale (POS) skimming generates more than $1 billion for criminals annually. So if your business offers or operates these machines, you need to assess your risk and take steps to prevent skimming from happening on your premises. How it happens Skimming is widespread among thieves because it’s a relatively straightforward crime to perpetrate. Fraudsters secretly place a skimming device — usually a plastic overlay — on an ATM or POS reader to capture card data and users’ PINs. Alternatively, they might use hidden cameras focused on the keypad or even a “dummy” keypad. They then...

Why Your Business Needs to Protect Against Executive Fraud

You may trust your executive management team implicitly. But the research is clear: In organizations where executives turn to fraud, the results are very costly. According to the Association of Certified Fraud Examiners’ (ACFE’s) Occupational Fraud 2024: A Report to the Nations, owner/executive fraud makes up only 19% of all cases but has a median loss of $459,000 per incident. That compares with $60,000 per incident for non-managerial employees. Part of the reason behind such great financial losses is the fact that it generally takes longer to detect fraud perpetrated by executives (24 months vs. eight months for rank-and-file worker schemes). So the more proactive you are about preventing and detecting occupational fraud at the highest levels, the better. 3 factors You might start by considering how the...

How Cybersecurity and Physical Security Go Hand in Hand

Protecting your small business from theft is far more complex than it used to be. Gone are the days when locking the doors was enough to minimize the likelihood of intruders. Today, companies face both physical and cyber risks, and it’s critical to understand how they’re intertwined. The problem with things Imagine that a thief breaks into one of your employee’s cars and steals a company laptop that contains your entire customer database. Here, physical theft can grant access to digital assets. Among the possibilities are that the crook: Is working for a competitor who’s looking for an unfair advantage, Will use the customer information to commit identity theft, or Might share the data with other criminals on the dark web. Or consider the risks involved with the...

Fraud Disasters Require a Contingency Plan Too

Your business probably has a disaster plan — or a set of procedures for dealing with a fire, natural disaster, terrorist attack or other emergency that could disrupt operations and threaten lives. Although a fraud contingency plan probably isn’t as critical, it’s still important for most companies to have one. Here’s how to draft and put a fraud contingency plan in place. Where are your weaknesses? Start by meeting with your senior management team and financial advisors to devise as many fraud scenarios as you can dream up. Consider how your internal controls could be breached — whether the perpetrator is a relatively new hire, an experienced department manager, a high-ranking executive or an outside party. Next, decide which scenarios are most likely to occur given such factors...

What You Can Do About Workers' Comp Fraud

Workers’ compensation insurance can provide medical care and financial assistance to employees who are injured or incapacitated at work. However, this important benefit is also subject to fraud perpetrated by dishonest workers. The Coalition Against Insurance Fraud says that 16% of workers’ comp claims are fraudulent, adding up to $9 billion in annual losses. Such losses hurt businesses, insurers and states. But you can help reduce the possibility that a scheme will be perpetrated in your organization. Common employee and employer schemes Employees violate workers’ comp rules if they file claims for injuries they didn’t experience or injuries or illnesses they did experience, but not at work. Workers’ comp fraudsters also might exaggerate the severity of their injuries or illnesses, or falsely state that they can’t work in...

Office Supply Fraud is Sneaky, But Preventable

Office supply scams are a tricky type of vendor fraud that generally use behavioral psychology and often depend on poor intraoffice communications for their “success.” Although they may not result in huge financial losses for defrauded companies, falsified invoices can add up to many thousands of dollars. Fortunately, you can help prevent them. How scams are perpetrated Office supply schemes typically begin as telemarketing fraud, with someone calling your business to obtain your street address and the name of an employee. Callers may: Ask for the “person in charge,” Claim to need information to complete an order, or Pretend to verify an office machine’s serial number. The goal is to get a name that will lend legitimacy to bogus shipments and invoices. For example, a supplier might ship...

Assemble a Comprehensive Cybersecurity Plan

Regardless of their size, businesses rely heavily on technology. Although your network and computer-related tools are essential to function, they’re also a potential liability because they can offer cybercriminals access to your company. To protect against this complex and ever-evolving threat, businesses must deploy a comprehensive cybersecurity program. Your arsenal You should already have a cybersecurity software package to protect technology assets. But to provide the best protection from hackers and other fraud perpetrators, arm your business with these seven additional weapons: 1. Strong passwords. Given a choice, most computer users select passwords that are easy to remember and input. But cybercriminals use password-cracking software that can guess simple passwords in almost no time. So require all employees to choose complex passwords that combine upper- and lowercase letters, numbers...

Watch out for Tax Misinformation on Social Media

Social media gets blamed for a lot these days — sometimes for good reason. Recently, the IRS issued a warning to individual and business taxpayers to beware of false claims about various federal tax breaks that appear on social media platforms. The common denominator of such claims is that they involve legitimate tax provisions for which most taxpayers don’t qualify. If you claim these breaks erroneously, it could delay a refund, require time-wasting correspondence and paperwork, and even result in penalties and criminal prosecution. Abusing legitimate tax breaks Intentionally fraudulent or even honestly inaccurate tax advice can come from many sources. These days, a lot of people put faith in social media “influencers,” who may not be qualified to dispense financial advice. According to the IRS, thousands...

IRS Reminds Car Dealers to be Aware of Phishing Scams

(As appearing in IR 2024-186) IRS reminds car dealers and sellers to be aware of phishing scams In light of the CDK ransomware attack, the Internal Revenue Service would like to remind car dealers and sellers to be aware of evolving phishing and smishing scams that could impact day-to-day operations of the business. In light of the recent ransomware attack against CDK, the IRS is warning individuals and businesses to remain vigilant against these attacks. Fraudsters and identity thieves attempt to trick the recipient into clicking a suspicious link, filling out personal and financial information or downloading a malware file onto their computer. Scammers are relentless in their attempts to obtain sensitive financial and personal information, and impersonating the IRS remains a favorite tactic. The IRS urges car dealerships...