ACCT 320
Deterrence Measure Design-Wire Fraud
UMGC
ACCT 320 Fraud Detection and Deterrence
DeterrenceMeasureDesign
After conducting the fraud investigation it is important to issue new laptops to affected
employees. I recommend better security software that will update automatically to keep up with
any new security threats. External hard drives or the cloud should be used to back up systems
data. The company needs to invest in phishing training for its staff so they know what to look for
when receiving emails from outside sources as well as being able to recognize spoofed email.
Make it easy for employees to report phishing by enabling an option in the email. Moreover,
encourage staff to use stronger passwords and change passwords more often than Diatech is
using currently
Diatech should adopt to there current process to thoroughly vet new vendors submitted to the
accounts payable. They should cross-check employee information with vendor details as part of
the analysis. In addition, any changes to vendor information, especially changes to banking
information, should be checked. A validation phone call or another human checking should
always be required when a vendor requests to add or change a bank account. It's important to
note that you shouldn't use the invoice's contact information because fraudulent invoices
sometimes have a bogus phone number, you can find yourself contacting the scammer for
confirmation. Instead, use past documents or an online search to locate the vendor's contact
details.
Furthermore, approval for invoices should be confirmed in person if approval is requested and
sent through email. Placing an ACH block on your accounts is one of the best ways to better
discourage ACH fraud. This block would not immediately deny transactions; you will need to
Deterrence Measure Design-Wire Fraud
UMGC
ACCT 320 Fraud Detection and Deterrence
DeterrenceMeasureDesign
After conducting the fraud investigation it is important to issue new laptops to affected
employees. I recommend better security software that will update automatically to keep up with
any new security threats. External hard drives or the cloud should be used to back up systems
data. The company needs to invest in phishing training for its staff so they know what to look for
when receiving emails from outside sources as well as being able to recognize spoofed email.
Make it easy for employees to report phishing by enabling an option in the email. Moreover,
encourage staff to use stronger passwords and change passwords more often than Diatech is
using currently
Diatech should adopt to there current process to thoroughly vet new vendors submitted to the
accounts payable. They should cross-check employee information with vendor details as part of
the analysis. In addition, any changes to vendor information, especially changes to banking
information, should be checked. A validation phone call or another human checking should
always be required when a vendor requests to add or change a bank account. It's important to
note that you shouldn't use the invoice's contact information because fraudulent invoices
sometimes have a bogus phone number, you can find yourself contacting the scammer for
confirmation. Instead, use past documents or an online search to locate the vendor's contact
details.
Furthermore, approval for invoices should be confirmed in person if approval is requested and
sent through email. Placing an ACH block on your accounts is one of the best ways to better
discourage ACH fraud. This block would not immediately deny transactions; you will need to
