Posts Tagged ‘federal trade commission’

Did Fraudsters Counterfeit Your Organization’s Checks?

Wednesday, July 20th, 2016

Scam Hurts Professional Caregivers, Businesses

Check Fraud  - Ohio CPA Firm

Professional caregivers are being targeted by fraudsters after marketing their services via popular online websites. Unfortunately, these professionals aren’t the only victims of this fraudulent check scheme. Read on to learn more.

The internet can be a valuable tool for so many honest, well-meaning people. Unfortunately, it can also be a playground for fraudsters.

The Federal Trade Commission (FTC) continues to warn consumers about the dangers associated with a fraudulent check scheme designed to take advantage of those offering professional caregiving services on sites such as care.com or sittercity.com. But these individuals aren’t the only targets. Fraudsters are using the existing account and routing numbers from real businesses to counterfeit checks. Oftentimes, the scammers will go so far as to reconstruct the business’s logo in an effort to appear even more authentic. Once the check is made and the target is identified, the con artist will send a large check to the service provider and ask them to send a portion of the funds to a third party for other goods and services allegedly related to the job.

Read Also: 10 Ways To Implement Internal Controls With Limited Resources

Recently, a local entity found itself in the middle of an active scam that followed a chain of events in line with the FTC’s original warning. It was only a matter of time before officials discovered that the check and the third party were fake.

“It takes only a day or two for your bank to make the money available to you, but it can take weeks for your bank to determine a check is phony. If you already withdrew that money, you’re on the hook to pay back the bank. If you’ve already transferred the money to the third party, it’s gone – like sending cash. – read the entire FTC warning.

It turns out that the local entity’s accounting vigilance and banking relationships really paid off. Rather than releasing the requested funds identified on the check, which would then be sent off to the fake third-party, the transaction was halted when the discrepancy with the numbers was identified. Because the check number and dollar amount didn’t match any payment previously authorized and issued by the entity, the bank denied payment.

Fortunately, in this scenario, the fraudster was thwarted, the entity’s funds remained secure and the service provider’s bank account remained in the black. Others won’t be as lucky. Regardless of how confident you are that this scheme would never happen to you and your business, the following are three general best practices designed to maintain your safety against a wide variety of threats.

1)      Double Check Your Checks With Positive Pay

An anti-fraud service offered by most banks, Positive Pay will match the account number, check number and dollar amount of each check presented for payment against a list of checks previously authorized and issued by the company. This will help the bank determine which checks are legit and which ones should be questioned. This service helps prevent your organization’s funds from being drawn from your bank account.

2)     Regularly Review Your Bank Activity

Sure the World Wide Web can be a scary place, but it’s also incredibly useful particularly when it comes to keeping tabs on your entity’s financial activity. Optimally, you should take a bit of time once a day to review your bank activity online. If you can’t monitor it that frequently, it should be a weekly goal – at least. Never, under any circumstances, wait until the end of the month to review your account. By then, it will be too late to take any meaningful action against a scam that’s already active.

3)     Maintain A Positive Relationship With Your Banker

Your banker should have a seat at your advisory team’s table. Not only are they providing you with essential service, they have top-notch advice at the ready. If you don’t already, get to know your primary point of contact. Then, make it a point to build a solid relationship with them and their team. Yeah – it’s just that important. This slideshow further illustrates the importance of business/banker relationships.

Email Rea & Associates to learn more about protecting your business, entity or organization from fraud.

By Annie Yoder, CPA, CFE, CFF (New Philadelphia office)

Check out these articles for more fraud prevention articles:

Where There’s Smoke, There’s Fire: 5 Internal Control Tips That Can Save Your Business From Fraud

Can A Cybercriminal Crack Your Company’s Network?

Could Your Company Be Ransomware’s Next Victim?

Share Button

Businesses Beware: Sloppy Data Security Could Cost You

Wednesday, August 26th, 2015

Defend Against A Data Breach - Ohio CPA FirmAs if you didn’t have enough keeping you up at night, the topic of data security continues to send collective shivers up the spines of business owners worldwide. Unfortunately, the Aug. 24, ruling by the United States Court of Appeals for the Third Circuit didn’t make matters any better (or less expensive) for businesses guilty of failing to protect their customers’ data. In fact, companies that utilize poor security practices that ultimately lead to a breach of consumer data are at risk of facing further disciplinary action and penalties.

Read Also: How Prepared Is Your Business For A Potential IT Disaster?

What does the FTC’s Courtroom Win Mean To Business Owners?

If you haven’t taken data security seriously in the past, it’s time to get real serious about it real quick.

Prior to the ruling, companies at the center of a data breach had to battle with lawsuits while working to rebuild their reputations. Now, in addition to litigation and negative headlines, your organization must also risk being fined by the Federal Trade Commission (FTC). Businesses can no longer operate with a subpar data security infrastructure. Those that do are at risk of losing everything.

The court upheld the FTC’s 2012 lawsuit against Wyndham Worldwide, a company known for operating hotels and time-shares. Records show that the FTC filed complaints against Wyndham for three data breaches occurring in 2008 and 2009, which resulted in more than $10.6 million in fraudulent charges. In its decision, the appeals court reaffirmed previous rulings that found Wyndham to be responsible for implementing better security practices, which would have helped prevent such breaches from occurring in the first place.

According to the FTC’s argument, software used at Wyndham-owned hotels stored credit card information as readable text, hotel computers lacked a system for monitoring malware, there was no requirement for user identification and or to make password difficult for hackers to guess, the company failed to use firewalls and, ultimately, failed to employ reasonable measures to detect and prevent unauthorized access to the computer network or to conduct security investigations.

“Today’s Third Circuit Court of Appeals decision reaffirms the FTC’s authority to hold companies accountable for failing to safeguard consumer data,” said FTC Chairwoman Edith Ramirez. “It is not only appropriate, but critical, that the FTC has the ability to take action on behalf of consumers when companies fail to take reasonable steps to secure sensitive consumer information.”

Next Steps For Businesses

With regard to the case between the FTC and Wyndham, the next chapter of the story is uncertain. While the win in the courtroom has helped put some wind in the FTC’s sails, the commission has yet to levy any penalties or assertions against the defendant. What is clear, however, is that a data security breach is a very real threat – one that is felt by nearly every business in the world. Furthermore, as technology continues to advance and hackers adapt, the security procedures businesses deploy must be top-notch to avoid further complications and costs associated with a sloppy security infrastructure.

Will you be ready when disaster strikes? Email Rea & Associates today to learn what you can do to protect your business from unforeseen threats.

By Joe Welker, CISA (New Philadelphia office)

Want to learn more about how to protect your business from a data security crisis? Check out these articles:

Could Your Company Be Ransomware’s Next Victim?
Don’t Turn A Blind Eye To PCI Compliance
How Much Is Your Data Worth To Criminals?

Share Button