A recent report from Gartner has stated that organisations that use predictive analytics will increase their profitability by 20% by 2017. There is a great deal of focus placed on the benefit of analytics for improving profitability. Less commented on, but no less relevant, is the role that analytics can play in preventing loss – specifically, loss through fraud.

 

Current fraud detection solutions rely on recognising pre-existing fraud modalities and flagging similar events when they occur. And it’s that “when” that’s important. The fraud has already taken place by the time the event is flagged, and while this may create a neat paper trail to the perpetrator, it doesn’t do anything to prevent the fraud from occurring in the first place.

 

In addition, fraud detection solutions that rely on identifying events that are similar to previous instances of fraud can’t do anything about new methods of committing these kinds of crimes. If there’s one thing that we know about fraudulent individuals and syndicates, it’s that they are constantly looking for new ways to defraud businesses. Given this trait, it’s completely pointless to rely on a solution that only recognises the replication of historical fraud.

We need to know the future

If you want to be successful in fraud and corruption, South Africa seems to be the perfect university for the eager pupil.

 

April Fool jokes aside, the hard-ribbed reality is that corruption, like crime, pays. It is the reason the Mafia have lasted where governments have failed. It’s what keeps the courts and jails filled. Whenever the temptation factor is high, corruption will follow.

 

The Old English word for best derives from the superlative of its root word, meaning remedy or reparation. For many the best remedy for their own greed is to steal, lie, and cheat. The best way to promotion, it seems, is through corruption and not hard work or strong ethics.

Corporate crime is the scourge of business in South Africa and it’s getting worse. PricewaterhouseCoopers released its annual Global Economic Crime Survey to the media this week.

 

It exposed the shocking prevalence of economic crime, stating the companies here at home are hit by more fraud, bribery and corruption than their global counterparts. Since 2011, the report states, the percentages have climbed.

 

It’s a bitter blow for ethics and integrity in local business and intensifies the challenge facing business leaders in South Africa today.

 

Profiling the enemy within

The survey also reveals a profile of the typical fraudster lurking in senior and middle management. He is usually male, between the ages of 30 and 40, university educated and has been with an organisation for a long time. This fraudster, it says, commits more than 70 percent of all internal fraud.

 

This a frightening barometer of the climate of corruption in business. The survey reveals that SA organisations took no legal action in almost 10 percent of cases, opted for transfers in two percent and issued warnings in just less than 20 percent of the cases. This, to me, shows either a lack of vigilance or a fatal complacency or acceptance of the current status quo.

This article comes after the recent scam on Facebook offering free gift cards from Woolworths and Pick ‘n Pay. This is the perfect time for scammers to be out in full force, after the holiday season, when everyone is strapped for cash.

 

We have listed three of the biggest scams below, which will help you stay ahead of the scammers and allow you to enjoy your online experience with peace of mind.

 

Malicious links in text, email or Facebook feeds: The easiest way to be targeted is via an email, text or Facebook post, offering a great deal. Generally, don’t click on a link from someone you don’t know as it could be spyware or a malicious program designed to capture passwords and other personal information.

 

If you didn’t remember entering a competition or ordering a package, it is probably a scam. If the deal is too amazing to be true, it’s probably a scam. Such as the “Get a Free R500 Woolworths or Pick ‘n Pay Gift Card by sharing the link on your Facebook page” scam.

 

Always check the source of the link – even if it’s from someone you know, a scammer could have hijacked their account and sent it on their behalf.

 

Phony gift card offers: This is in the form of an email, text message or Facebook post saying that you’ve won a prize or that you’ve qualified for a massive discount or sum of money on a gift card. You are then required to enter extensive personal information in order to receive it or share the link to your friends – don’t do it!

 

 

The more personal information they have, the easier it will be to get into your bank account, for example.

 

Ignore links offering ridiculous discounts and steer clear of sites that offer gift cards at unheard of prices.

 

Unknown sites advertising unbelievable offers: You know the saying, “if it sounds too good to be true, it probably is”? This is the general rule when it comes to scams. Some sites do offer amazing deals, like Groupon and Superbalist (Citymob), but it’s the unknown sites that you need to watch out for: the ones with strangely spelt names or the ones offering highly sort after items like iPads and iPhones at abnormally low prices.

 

Be very wary when entering your credit card details onto unknown sites and make sure that the site is secure: The web address should begin with https:// instead of http://. The “s” means that it is secure. We recommend using a separate card for online purchases and setting your limits as low as possible (so that if your details are stolen, the damage will be minimal). It’s also advisable not to save any of your credit card details on a site for future purchases.

 

Dubious websites can also pull you in by offering vouchers for popular gifts. If you have to enter a lot of personal information to get the voucher, the warning bells in your head should start to sound.

 

If you are required to sign up to the account in order to purchase, using a password you haven’t used for anything else, is a good idea.

 

What to do if you think you’ve been involved in an online scam: Immediately run a virus scan. Mobile phones and tablets aren’t immune to scamware, so this applies to all devices. We recommend using ESET NOD32 for desktop and mobile security.

 

Change your password if you think you have been scammed on a social media site.

 

Call your credit card company right away – they will put a watch on your card for suspicious activity.

 

To recap, stick to the well-known sites, don’t click on any links from unfamiliar sources and don’t be tricked into giving up extensive personal information to get a good deal. Got it? Following this IT advice will ensure a happy online experience.

Human capital management solutions provider Manpower South Africa highlights the importance of carrying out background checks and verifying details on prospective employees CV’s for employers in today’s business environment.

“In the current economic climate where unemployment is high, employment application fraud is rampant. Job seekers are desperate and employers are being duped. Before hiring someone, training them and integrating them into your company, it is important to check their background and the facts on their CV,” explains Lyndy van den Barselaar, Managing Director of Manpower South Africa.

She explains that statistics on CV fraud in South Africa are hard to come by, as many companies do not check the credentials of prospective employees.

 

“Employees often lie about the number of years they held a certain position, or about academic achievements,” states van den Barselaar. She suggests that employers review CVs, covering letters and employment applications with a sceptical eye. “Do research on certain statements. Ask specific questions about statements made on the CV during the interview.” These could include: How the candidate achieved the results? How did the candidate measure certain stated accomplished improvements? What role did the candidate play in the team that rolled out the marketing strategy?

“Careful questioning should reveal differences between stated facts and reality. Look for suspicious behaviour such as vague answers to questions, or citing confidentiality for not being able to answer certain questions,” says van den Barselaar. Thanks to online resources such as Google, it becomes easier to check for certain details and to do research on job seekers. “This will allow you to ask the candidate about any discrepancies you found from the facts stated on their CV, during an interview.”

Recruitment agencies, labour brokers and human capital companies like Manpower can assist in this, says van den Barselaar, as they often check the background of each candidate before suggesting them for any possible jobs.

Every employer, particularly those who have employees who will have significant contact with the public, customers, patients, or children, should familiarise themselves with the particulars of prospective employees.

“The importance of background checking and credential validation cannot be ignored or underestimated, especially in this current economic environment. If a company does not have the time or the resources to carry out these kinds of checks, it is worth hiring an outsourced company or individual who will do it on behalf of the company. This will save you time, money and disappointment in the future,” concludes van den Barselaar.

The price war among local broadband providers, and the surge in volumes of mobile devices in South Africa, has meant increasing numbers of South Africans are enjoying wider access to the Internet. But it also places consumers at greater risk of becoming potential victims of financial scams.

 

This is according to Kevin Hurwitz, Chief Executive Officer at Wonga.com South Africa, who says cybercrime is becoming an increasing problem globally, and is becoming more prominent in South Africa as more people become connected. “As a result, it is imperative that people are aware of how to identify scams, in order to avoid being financially defrauded.”

 

The RSA Anti-Phishing service recorded a total of 1,942 new phishing attacks in South Africa for the first half of 2012, equating to an estimated financial loss of R71 million. In addition to this, the Symantec Intelligence Report for June 2012 identified South Africa as the second-most targeted country globally, with one in 170.9 emails identified as phishing attacks.

 

“It makes sense that South Africa has become a significant target for cybercriminals, as we have the largest Internet connectivity on the continent,” says Hurwitz.

 

Much has been said recently about phishing scams in particular, however there are many other scams that don’t involve phishing but are equally dangerous to consumers.

 

Hurwitz explains that various scams are used by criminals to illegally obtain personal information – such as bank account details, ID numbers, passwords and usernames. These are often sent electronically by individuals posing as legitimate entities, in order to conduct financial fraud. “Consumers are fooled into providing personal details, or depositing money into fraudulent accounts, based on the assumption that these communications are authentic.”

 

Hurwitz says that there are currently two primary channels used to conduct what is known as ‘advance fee scams’, namely email and SMS. “These communications are designed to look real and can easily trick consumers into financial losses.”

 

He says anyone receiving an unsolicited email or SMS which appears to come from a legitimate source, but requests personal information, should contact that organisation directly to verify that the communication is authentic, before taking any actions. Consumers who potentially fall victim to these scams are likely to ignore warnings about phishing, because they don’t generally transact online, so don’t believe the warnings relate to them.

 

According to Hurwitz, another popular type of scam currently doing the rounds involves people receiving an SMS (or email) claiming that they have won money, but in order to receive the funds they need to send their banking details, or deposit money into an account. “No official organisation would ask for personal details in this manner, or request money to be deposited in order to receive a prize, so everyone should immediately be suspicious of this type of communication.”

 

“With the number of innovative scams growling on a monthly basis, it is imperative that consumers are more vigilant about verifying any communication relating to financial matters before giving out personal information or making payments. After all, it is their identity and financial well-being they need to protect.”

 

Hurwitz provides the following advice to avoid falling victim to financial scams:

 

• When an email or SMS requests personal details or payment,  contact the organisation directly to verify the authenticity of the communication
• Never provide or verify personal details via SMS or unsecure websites (In order to identify a secure website, an image of a lock will appear on the browser status bar or the URL will read “https” as opposed to “http”)
• Never deposit money into a bank account, especially a private bank account, unless the communication has been verified with a legitimate organisation
• Never click on links, download files or open attachments from unknown sources
• Never enter personal information on a pop-up screen - a legitimate organisation will never request details like this
• Check bank statements regularly to ensure no unauthorised transactions have taken place

Most accountants and auditors know the “fraud triangle”, the combination of incentive, opportunity and rationalisation that creates a risk that an employee will attempt to defraud their company.

 

But the fraud triangle alone isn’t enough. In the wake of Enron and other high-profile corporate disasters of the past decade, there has been a new focus on how factors at the organisational level, not just the individual level, can increase the risk of fraud. Chief among these is that nebulous thing called “organisational culture”.

It took online outdoor products retailer iWarehouse.co.za three years to come around to the idea of accepting credit cards on its website – but, says owner John Guthrie, “It turned my business around. I should have done it from the beginning.”

Rooting out “career criminals” is taking on a whole new meaning with more and more businesses now resorting to polygraph testing to get to the bottom of workplace crime as well as to identify would-be trouble makers before they are even hired.

 

Willem Marshall, a polygraphist with leading national  private investigation agency, Justicia Investigations, warns that far too many employers are naïve enough to believe that theft, fraud and corruption will never surface in their companies. “People need to realise that there is more and more organised crime out there and that they are being targeted.

In anticipation of a greater holiday season this year, many retailers are now kicking off their sales a few days early. According to the National Retail Federation, consumers are expected to spend about 4.1 percent more this holiday season than last.

 

Unfortunately, it’s not just retailers who will be using unbelievable offers to lure consumers into parting with their hard-earned cash on Cyber Monday, Mobile Tuesday or in the days that precede them.

 

Cybercriminals are also hard at work to offer the most enticing online scams.  And if you don’t take the necessary online precautions, your holiday cheer could come to a screeching halt.

 

Whether you end up shopping now or later, you’ll want to check this list of recommendations that can help you stay clear of some typical and not so typical holiday security threats.

 

• Make sure it’s the real deal. Use caution when clicking on links in emails from retailers for offers, even if they appear to be from a big brand company. Malicious links could exploit your computer with malware or take you to a phishing site designed to steal your information.  One way to determine the legitimacy of an offer or deal is to simply go directly to the company’s website.
• Only shop from secure sites. When paying online, verify that you are on an SSL secured site (the Web address will start with https:// and have a little padlock icon next to it). Websites that are SSL secured will encrypt sensitive information, such as credit card numbers during the transaction. You can also click on the padlock icon to verify the identity of the certificate owner.
• Don’t fall for phony holiday sweepstakes. Don’t respond to emails or text messages, claiming that you have won a contest or sweepstakes that you never entered. Though these types of phishing scams are commonly distributed by email, they are now infiltrating mobile phones. Called smishing, these text message scams, requesting you text a 5 digit code to a specific mobile keyword, could lead to unwanted SMS fees and subscription costs. Simply delete the text message.
• Make sure your browser is updated with the latest version. This will help prevent cybercriminals from taking advantage of vulnerabilities in older versions of your browser during the holiday shopping season.  Although it is inconvenient, you may consider disabling Java. The program is battling a slew of security vulnerabilities. This will sacrifice some websites’ functionality, but it will prevent potential drive-by download attacks that could infect your PC.
• Use virtual credit cards. Consider using “virtual credit cards” for online shopping instead of your actual every day credit or debit card. These are temporary or disposable digits that are issued by banks or credit card companies for free or a small fee. Virtual credit cards are usually one-time use only or have a limited amount on them, so if a cybercriminal gets hold of this number, your actual bank account is not at risk.
• Set-up a separate email. Many retail sites require an email address to set up an account, login, and make purchases. Set up and use a separate email account for your holiday shopping. This can help reduce spam and phishing attacks on your personal, every-day use email account. And, it lowers the risk of your personal information getting stolen.
• Update your security software. As always, make sure your security software is running and up-to-date. There are a wide variety of free security solutions out there from which to choose, such as ZoneAlarm Free Antivirus + Firewall. But at a minimum, pick a solution that has antivirus and a two-way firewall. Without minimum protection, you leave yourself highly vulnerable to online attacks.

Bottom line: cybercriminals will always try to exploit the holiday season and target Internet users. But by following a few simple precautions and trusting your gut, you’ll be well-prepared to take advantage of online sales on all sorts of fun merchandise this year. Happy Shopping!