Big Scammers

Monday, February 27, 2017

Adopting an Internet Fraud Prevention Policy in Small Business

Small businesses are as susceptible to internet fraud and scams as big, established businesses, and often more so, because of informal IT setups and laxity in adopting cyber safety measures. A small business could, in all probability, become a victim of the following types of internet fraud:

     Insider Fraud
     Fraud by misrepresentation
     Employee Fraud
     Embezzlement
     Internet Fraud by way of breach of data confidentiality
     Internet banking fraud

To remain unscathed by all these types of internet fraud, a business needs a foolproof internet fraud prevention policy that promotes cyber hygiene in the organization. Some facets of such a strong policy include:

Conducting pre-recruitment background checks and vetting of employees
It is essential that staff hired for all verticals, including IT, Finance, Production and Marketing, be subjected to a background check covering everything from school education to professional associations. There are third-party organizations that can conduct an objective and professional background check that screens the recruit’s educational and work certificates as well as obtains information on his conduct and performance in previous organizations. Such an objective check is always preferable to conducting telephonic reference checks with contacts obtained from the applicant himself.

Ensuring protection from firewall and antivirus software
The IT infrastructure of the business must be equipped to tackle sophisticated internet fraud, including cyber-attacks. The following investments are needed for all businesses, irrespective of size:
     Installation and on-time renewal of virus protection software with good virus detection speed
     Installation of firewalls that restrict access to unsafe sites on the internet
     Automatic, periodic backup of all transacted data

Insulating internet banking
Online banking is the most vulnerable area for internet fraud in businesses. The banking credentials must be safeguarded and confidentiality must be maintained:
     Bank statements must be regularly scrutinized for unauthorized transactions
     Staff advances and reimbursements must be checked
     The beneficiaries page must be checked periodically
     The bank balance must match the cash book balance. Any differences must be reconciled at the earliest

Forming a platform for whistleblowers
Every business should ensure that there is a forum where employees can report suspicious behavior of anybody else in the organization, irrespective of designation, seniority and cadre. An internet fraud reporting forum must include:
     Anonymity of the whistleblowers so that they can report incidents leading to internet fraud without any concerns
     A promise to take unbiased and firm action against the wrongdoers so that employees’ trust in the internet fraud prevention machinery is reaffirmed
     A platform to report and record evidence so that it is not misused by unscrupulous employees for settling personal grievances on a vindictive basis
     The head of the forum must be a neutral person without any conflict of interest and the person must be changed frequently on a rotational basis, to avoid subjectivity and bias

Lastly, the management must conduct unannounced audits across all verticals. It is important to ensure that internet security is beefed up, that any lapse in security is brought to light immediately, and that corrective action is taken.