Tag: Business Email Compromise (BEC)

As the year ends, businesses face year-end fatigue and the pressures of the approaching festive season. This period, marked by heavy workloads and rushing to meet targets, creates opportunities for cybercriminals to exploit vulnerabilities. One prominent method is business email compromise (BEC), a sophisticated cybercrime targeting organisations via email system infiltration. A common BEC tactic involves altering banking details on invoices.

These are times of unprecedented change and disruption. New technological innovations and geopolitical events are just two of the major catalysts of change in the landscape of risk. In times of volatility, businesses are often faced with increased risk exposure, with opportunistic cybercriminals at the ready to exploit vulnerabilities and take advantage of loopholes.

Internal controls are an essential component of any financial management system. It helps your organisation retain financial integrity, meet regulatory requirements, and compile reports essential for improving the business. These processes are especially crucial in accounts payable (AP) departments to manage financial transactions and ensure that payments are authorised, accurate and properly documented.

According to estimates by our experts, the average share of spam in global email traffic in 2023 was 45.60%. This deluge of unwanted emails not only clogs up inboxes, but also consumes a significant amount of time and resources. On average, each year, employees spend between 5 and 18 hours sorting through spam, and when scaled to an organisation with hundreds of employees, this translates into huge amounts of lost productivity. Yet, the wasted time is just the tip of the iceberg.

Don’t let your business be punished for, and by cyber fraud. As the business landscape rapidly evolves, a general awareness of security vulnerabilities is no longer enough. Cyber fraud, data and payment breach risks need to be managed urgently and strategically with the right tools. 

The rise in finance and accounting cybercrime through phishing and Business Email Compromise (BEC) has made headlines with massive implications for South African companies with gaps in their payment systems. However, robust financial controls together with strong server, IT, and email monitoring processes aren’t enough if staff aren’t savvy to the psychological tricks scammers use to manipulate people, making them more vulnerable to tricker and deception.

The use of spreadsheets in accounting and finance departments has vastly improved data analysis and enabled fast and accurate reporting, computing and information storage. Life without them is almost unthinkable. However, danger lurks within and although the use of macros in Excel to automate processes can enhance efficiency, macro malware can put your entire business at risk.

While phishing scams are nothing new and have not changed drastically since their inception several years ago, we have seen some changes in terms of the techniques used, as well as the sophistication of content. From a tech perspective, the general technology used to pull off these social engineering attacks remains the same.

Despite being in the business of risk mitigation, insurance firms themselves are often subject to risk in the form of insurance crime. Last year, the Association for Savings and Investment South Africa (ASISA) found that South African life insurers detected 4,287 fraudulent and dishonest claims worth R787.6 million across the board.

With technology integrated into every facet of an organisation, there are massive consequences if systems go down, regardless of the size or industry sector of a business. Over the years, I have seen my share of the IT challenges companies face daily. However, these extend beyond the operational to include cybersecurity concerns as well.