To help your company become an insight-driven organization, the first three articles of this series on fraud presented how to recognize the value in all of your company’s data as well as develop a successful data analytics framework to help extract that value.
Unfortunately, cyber criminals also recognize the value in your company’s data and are constantly searching for ways to gain access. This article covers some of the tactics cyber criminals use and arms you with information that may be useful, should your company fall victim to a cybercrime.
How worried should you be about the risk of cyberattacks? Aren’t the cyber criminals going after Target, Neiman Marcus, Anthem, and Home Depot? They’re not actively pursuing construction companies, right? Wrong.
Cyber criminals do go after construction companies. Let’s say that you arrive in the office expecting to have a normal day. You start your computer and check your calendar, confirming the calls and meetings for the day, when you get an e-mail from your controller that says, “Why was it so important for us to pay that subcontractor immediately last week? I’m not one to second-guess your decisions, but I just couldn’t stop thinking about it this weekend after we wired the money on Thursday.”
You reread the e-mail a few times because you have absolutely no idea what he is talking about. You never requested a wire to be sent last week. You call the controller, and he confirms that you indeed e-mailed him last week demanding payment to a supplier immediately, which he dutifully had accounts payable pay. The problem is, you never e-mailed him, and $150,000 is now gone and highly unlikely to be recovered.