Tag: fraud

Stock losses, fraud not top-of-mind in SA

South African businesses need a different mindset to address ongoing stock losses and fraud.

In the absence of a “proper” risk mitigation plan and loss control blueprint, South African business owners will never really address the critical levels of theft and fraud impacting on our economy, according to commercial investigator and international risk consultant, Kyle Condon (Managing Director at D&K Management Consultants).

“Experience has taught me that trust and effective loss control do not go together. We live in a society that has criminal presence constantly lurking around us. Old style security measures and trusting of everybody have left businesses open to losses like an open wound exposed to a sewer. Employees need to be watched continuously and loss control tactics need to be revised to accommodate this,” says Condon.

With many businesses operating on shoe-string budgets, security is often one of the first things to go. Ironically, says Condon, “it should be one of the portfolios that get additional budget assistance. When companies cut security, those employees that were always dissuaded from going through with criminal action often go over the edge and ‘raid the cookie jar’.”

While South Africa has one of the most corrupt governments sketched on the political portrait, expecting every employee to behave in a moral, honest way is far from realistic. We see what our leaders do and follow suit.

Sadly, most companies choose to ignore this red flag and continue to fool themselves into believing that the presence of a uniformed security officer or two is adequate to prevent and deal with internal criminal activity. Condon believes that “old school” security is a thing of the past. “It is time we accept that our businesses, like our homes, require proper defences,” states Condon.

So, what exactly does this mean?

“Our business sector has major structural employment weaknesses, due largely to political pressures, window-dressed appointments and fear of union retribution. This has led to a breakdown of strong policies and procedures that existed in the past. Many managers are just too afraid to confront the issues or speak out in fear of being branded or painted with the race brush. And, as a result, policies and zero tolerance are eroded. Unions have gained a lot of power, often holding companies to ‘ransom’ when it comes to enforcing strong security measures. Polygraphs, for example, are always declined by Union reps, searching procedures get labelled as an invasion of one’s privacy, etc. Old school security methods have been watered down to create a mere ‘illusion of loss control’,” he says.

Modern day loss control and security plans must include the following key concepts:

• Internal investigation specialists (undercover agents) deployed as, I like to say, ‘modern day spies’.
• Quarterly sweeping and debugging of executive offices and meeting rooms.
• Strike action plans, designed specifically for the individual company and its employees to provide proper Duty of Care during strike action.
• Alignment with a reputable forensic investigator or company who understands the methods, methodology and principles of fraud and financial crimes, in the workplace.
• Thorough pre-employment screening of new candidates, including checking of criminal records through fingerprinting.
• A steadfast CCTV viewing plan conducted off site by an independent viewer, providing monthly viewing reports covering all aspects of risky behaviour, suspicious actions and overall health and safety concerns.
• Travel risk reports, for employees traveling to potentially hostile environments both locally and internationally. This would include arranging VIP protection, where needed.
• Annual security surveys to address all shortcomings of the physical security measures of the business.
• Due diligence must become part and parcel of the sales teams’ portfolios. Before stock or material leaves for suspicious clients, an investigation unit should first check that all is above board and that you are not being scammed.
• Handing over the time consuming and demanding security portfolio to a dedicated and qualified loss control manager.

“I do not agree with companies splitting up the security portfolio and contracting various players for various things. Managing this portfolio is a job that requires full time participation. This is exactly what D&K Management Consultants does for its clients. We provide the correct expertise in one unique portfolio designed around modern-day risk,” says Condon.

“We are in many ways a country at war with itself, and business is not spared any of the risks that a ‘war’ environment brings. Therefore, defending your company requires a modern day ‘warfare’ approach. Intelligence, logic, expertise and strategy have replaced uniforms, guns and electric fences to a large extent”, Condon says, as he smiles.

PC distributor Mustek is assisting the City of Johannesburg (COJ) in a case where the city paid R6-million for 500 desktop computers to a service provider but the PCs were never delivered to the municipality.

In a statement, COJ mayor Herman Mashaba says he was informed that the city paid R6 million for 500 desktop computers that were ordered by the Group Information Communication Technology (GICT) department in 2014 but they were never delivered.

Opposition party the Democratic Alliance took over COJ from the ANC in August 2016. Mashaba, who took over the reins from the ANC’s Parks Tau, has publicly announced he intends to rid the city of corruption, which he blames on the previous administration.

Tip-off

According to Mashaba, the Group Forensic and Investigation Service (GFIS) received a tip-off from a member of the public who is closely linked to the service provider, saying that while she was working at the company, the city placed an order for 500 desktop computers.

It’s not clear which desktop PCs the city purchased but at retailer Incredible Connection, they range from R5 000 to R18 000. In the R6 million deal, the city paid R12 000 per computer.

Mashaba explains the computers were paid for with the assistance of officials working for the city but never reached the city.

The service provider, which is based in the south of Johannesburg, provides office supplies such as desktop computers, laptops, printer cartridges and toners, to name a few, he says.

A search and seizure operation was conducted this week by the members of the Hawks and officials from GFIS at the offices of the service provider.

Mashaba explains that about 37 computers worth R750 000 belonging to the city were seized during a joint operation.

He explains it is alleged that after winning the tender to supply the computers, the service provider placed an order with PC distributor Mustek to do the city’s imaging on the computers.

This was standard procedure, says Mashaba. “But with this batch, it is alleged that when he received it from Mustek, the service provider and his specialists in the information technology failed to remove the city’s imaging. Serial numbers of the seized computers were removed.”

In a statement sent to ITWeb, Mustek says: “In terms of Mustek’s distribution model, Mustek on-sells its products to its approved dealers, who then on-sell to end-users and public sector customers.

“Accordingly, we cannot comment on what transpired between the service provider and the City of Johannesburg. However, we are assisting the City of Johannesburg with their investigation of this matter.”

Preliminary investigations

It is alleged that most of the computers were sold to other clients and the 37 seized were used by the service provider’s staff members, Mashaba says.

He points out that preliminary investigations into the matter revealed that a city official was paid R1 million by the service provider for securing the deal for it. The city official allegedly took one official working for the service provider to a shop in the south which sells building material and spent R30 000 as a token of appreciation to the official, he adds.

“I was also informed that the service provider colludes with one of our officials who steals printer cartridges from our stores and sells them to the service provider who then sells it back to the city. When the team arrived at the property, they found one employee removing serial numbers from the boxes of the cartridges which had names of other municipalities and government departments.”

The team also established that the service provider illegally connected electricity supply to the property. City Power officials were called in and they removed the meter.

“The GFIS is currently conducting a number of investigations into contracts entered with ICT suppliers. I want to eliminate corrupt elements throughout the city, including investigating illicit deals and contracts that were secured by the previous administration and this includes our technology space,” concludes Mashaba.

By Admire Moyo for ITWeb 

Steinhoff raises R7.1bn from sale of PSG shares

Steinhoff International raised R7.1bn from the sale of shares in South African financial services firm PSG, the latest in a line of disposals aimed at shoring up the retailer’s battered balance sheet.

The owner of Mattress Firm in the U.S. and Poundland in the UK placed almost 29.5 million shares in Stellenbosch, South Africa-based PSG with institutional investors, Steinhoff said in a statement Monday. That’s on top of the 20.6 million PSG shares sold late last year at the start of an accounting scandal that’s wiped out most of its market value.

“This is positive for Steinhoff as it will secure a decent bit of liquidity out of a fairly well-priced asset,” Alec Abraham, an analyst at Johannesburg-based Sasfin Securities, said by phone. “By selling out of a non-core asset, the company is better able to support its core, furniture businesses.”

The shares rose 3.7% as of 4:41 p.m. in Frankfurt, where Steinhoff moved its primary listing from Johannesburg in December 2015. PSG rose 0.2% by the close in the South African city to R254, about 5.5% higher than the R240 price Steinhoff received for its stock. The retailer holds a 2.5% stake after the placement.

Steinhoff has been identifying non-core assets to sell while holding talks with lenders about providing financial support. The company said December 5 it had uncovered accounting irregularities and later announced it would have to restate accounts going back to 2015. Chief executive officer Markus Jooste and chairman and biggest shareholder Christo Wiese have both resigned.

The company earlier this year sold a luxury Gulfstream 550 private jet that had once been valued at $25m, while French unit Conforama has disposed of a 17% stake in online retailer Showroomprive for €79 million. That’s about half what it paid for the shares in May last year.

The PSG placing was carried out by PSG itself and the South African unit of Standard Bank.

Separately, Amsterdam Court’s Enterprise Chamber delayed a verdict on a case brought against Steinhoff by a former joint-venture partner until no later than February 19. It had been due to make a decision on the case Monday.

By Janice Kew and John Bowker for Bloomberg / Fin24

A new banking scam, in which fraudsters remotely take control of a consumer’s PC over the Internet to gain access to their online banking profile, is currently doing the rounds.

This is according to First National Bank (FNB), which alerted consumers about the latest festive season scam.

In a statement, FNB says fraudsters are sending unsuspecting consumers fake emails notifying them that fraud has occurred on their respective bank accounts or credit cards.

Soon after the email is sent, the customer receives a call from a fraudster who claims to be from their bank and offers to help block any fraudulent transactions, first asking the customer to install “protection” software on their computer. The software allows the fraudster to gain full control of the computer remotely.

Kovelin Naidoo, cyber security officer at FNB, says fraudsters are employing carefully constructed scamming tactics that have the ability to trick even the most vigilant customer if they are not aware of the modus operandi.

“If someone calls you and requests your personal banking details or to install remote access software on your computer, please end the phone call and contact your bank’s fraud contact centre. FNB will never ask you to share your OTP to reverse pending transactions or to block your banking profile,” cautions Naidoo.

He adds: “As access to banking services through digital channels continues to grow, so does the prevalence of banking scams, therefore we urge consumers to always be vigilant and familiarise themselves with the different types of digital banking fraud, as well as the security measures provided by their respective banks.”

How fraudsters use the software to defraud consumers:

  • The fraudster calls the customer and offers to help them block any fraudulent transaction by asking him/her to download and install “protective” PC software.
  • The customer downloads the software, and with the help of the fraudster, installs it.
  • Once the software is installed, the fraudster asks the customer to log into his/her personal online banking profile.
  • After logging in, the customer’s computer goes blank. Shortly afterwards, he/she starts receiving OTP (one-time PIN) SMSes to confirm transactions he/she did not perform.
  • The fraudster then reassures the customer that these are fraudulent transactions and requests that he/she forwards the OTPs so that they can be blocked or reversed immediately.
  • The fraudster then uses the OTPs forwarded to him/her to process the pending transactions and defrauds the customer.

Source: IT Web

Fake WhatsApp affects millions of users

Around 1 million users have downloaded a fake version of WhatsApp which appeared on Google Play.

Reddit’s forum users noticed that it was a hoax. Users who didn’t notice this and downloaded the fake app ended up with a large number of adverts rather than a messenger app.

According to Hacker News, this spoof fooled so many people because whoever created the app and put it in the Play Store did so under the name “WhatsApp Inc”, which is the same name the maker of the world-famous app uses. However, Fortune Magazine says that such incidents are not uncommon.

Fortune points out that when you search for “WhatsApp” on Google Play, it currently shows no fewer than seven spoof apps using slight variations on the developer name “WhatsApp Inc.”
All of them have four-star review averages, due to Play’s review system.

So remember to watch out before downloading off Google Play or ask a friend to send you the original App via file sharing apps such as SHAREit.

What happened?

WhatsApp fraudsters have tricked more than one million people into downloading a fake version of the chat app from the Google Play Store.

WhatsApp users downloaded the ‘Update WhatsApp Messenger’ app from the Android app store as it looked like it was from the company that makes the popular app.

The Google Play Store page for the fake app claimed the programme had been developed by WhatsApp Inc, the creators of the instant messaging app.

However, it was instead a fake app that contained adverts and downloaded malicious software onto a user’s device.

The developers made it look like a legitimate app by using virtually the exact same name as the developer WhatsApp Inc.

However, they replaced a space that appeared in the name with a character that made the one defining difference look invisible.

This made it almost impossible for an Android smartphone user to detect the difference between the real WhatsApp app and the fake version.
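
The trick described above can be caught mechanically. As an added example (not part of the original article), this Python check flags developer names that read the same as a trusted name once invisible characters, odd spaces and punctuation are ignored. The sample names, including the use of U+00A0 and U+200B, are constructed for illustration, since the article does not say which character was used.

```python
import unicodedata

# Developer name as quoted in the article; every other name below is constructed.
TRUSTED_DEVELOPER = "WhatsApp Inc."


def suspicious_characters(name):
    """List characters that render as nothing, or as a space, without being
    the plain ASCII space: (index, code point, Unicode name)."""
    findings = []
    for index, ch in enumerate(name):
        category = unicodedata.category(ch)
        invisible = category in ("Cf", "Cc")              # format / control
        odd_space = category.startswith("Z") and ch != " "
        if invisible or odd_space:
            label = unicodedata.name(ch, "UNNAMED")
            findings.append((index, f"U+{ord(ch):04X}", label))
    return findings


def skeleton(name):
    """Reduce a display name to what a reader perceives: compatibility forms
    folded, case ignored, and separators, punctuation and invisible
    characters dropped. Look-alike letters from other scripts are NOT
    handled here; that needs a confusables table."""
    folded = unicodedata.normalize("NFKC", name).casefold()
    return "".join(
        ch for ch in folded
        if unicodedata.category(ch)[0] not in ("Z", "C", "P")
    )


def classify(name, trusted=TRUSTED_DEVELOPER):
    """'exact' for a code-point-identical name, 'lookalike' for a different
    string that reads the same, 'different' otherwise."""
    if name == trusted:
        return "exact"
    if skeleton(name) == skeleton(trusted):
        return "lookalike"
    return "different"


def review(names, trusted=TRUSTED_DEVELOPER):
    """Return one record per name that needs a human look."""
    flagged = []
    for name in names:
        if classify(name, trusted) == "lookalike":
            flagged.append({
                "name": name,
                "repr": ascii(name),          # makes hidden characters visible
                "hidden": suspicious_characters(name),
            })
    return flagged


# Constructed store-listing data (hypothetical, for illustration only).
SAMPLE_DEVELOPERS = [
    "WhatsApp Inc.",            # the trusted name itself
    "WhatsApp\u00a0Inc.",       # space swapped for a no-break space
    "WhatsApp\u200bInc.",       # space swapped for a zero-width character
    "WhatsApp, Inc",            # punctuation variation
    "Example Messenger Ltd",    # unrelated developer
]

if __name__ == "__main__":
    for record in review(SAMPLE_DEVELOPERS):
        print(record["repr"], record["hidden"])
```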

How to check if your WhatsApp is fake

To start with, go to Settings and then find the Apps section and click on WhatsApp.

Then under Store you should see the option to check the App Details.

This should then take you to the Google Play page which shows the app has been downloaded more than one billion times.

The developer for the app should be WhatsApp Inc and it should have a PEGI 3 rating.

If any of these details are different, alarm bells should be ringing and you should delete the app to find the official version.

You can also download an anti-virus to clean up any malicious software that may have been installed on your smartphone.

The news comes after Express.co.uk warned over the weekend about another fake app that had appeared on the Android app store.

The bogus programme appeared to be a fake version of the upcoming WhatsApp business app and was available to download from the Android app store.

Alerting users to the issue, one Android user on Google Play complained that the app was full of adverts, while another claimed it was being used for “data theft”.

The fake app was flagged up by tweeter @MujtabaMHaq and WABetaInfo, a Twitter account about all things WhatsApp.

It has since been deleted from the Google Play Store.

Source: IOL; Dion Dassaayake for Express

New Gumtree scam uses Uber drivers

A MyBroadband reader recently faced a scam involving Gumtree, Taxify, and his iPhone 7 Plus.

It started when he posted his iPhone 7 Plus 256GB on Gumtree, and received five calls to purchase the device on the first day.

“All of them said they do not use WhatsApp. All said they will send an Uber to collect. All offered to send documents,” he said.

Scammers appear to be trawling Gumtree for high-value items, like an iPhone, and then trying to steal them by offering to purchase the item and sending forged documents and notifications.

This is done when potential victims agree to accept an EFT.

The scammer knows which bank the victim uses and sends an SMS stating a deposit has been made into their bank account from a different bank.

This is so they have an excuse for why the money hasn’t cleared if checked. They then send an SMS that looks like a deposit notification from the victim’s bank.

Scam

In the reader’s case, the scammer said he was sending his “friend” to collect the iPhone after he had made the “payment”.

The “friend” turned out to be a Taxify driver, who had little knowledge of the person he was collecting the phone for.

The reader said after handing his device over, he felt something was wrong, and went to the guard house where he stays and got the driver’s number from the sign-in book.

He called the driver, explained he thought the collection was a scam, and the driver returned – cancelling the trip.

The scammer the driver did the pickup for was a cash customer, who then contacted him and offered R1,500, then R3,000, to complete the delivery. The driver declined.

“These criminals are using Uber and Taxify with cash payment options to get the drivers to do the hard work and collect the items from victims,” said the reader.

Fighting cons

Gumtree said fraudulent proof of payment is not new in online marketplaces.

“Although we haven’t seen many cases like this, it seems that Uber or Taxify is another way of making it harder to trace the actual perpetrator,” said Gumtree.

“We urge community members to inform us via our 24/7 contact centre if they encounter a suspicious buyer or seller.”

Gumtree stated that victims or potential victims must also contact the SAPS about any scam incidents.

The company said it will speak to Uber and Taxify to collaborate and combat this activity.

Uber recently introduced new safety features which require cash riders to link a Facebook account to their Uber profile, which it verifies, before using the service.

Called Social Connect, only new sign-ups are currently required to link their Facebook account.

Uber said there is potential for Social Connect to expand to existing users in future.

Taxify did not respond to requests for comment.

Safety features

One way to avoid falling victim to a scam is to use a third-party escrow service, like Shepherd – which is offered by Gumtree in conjunction with Standard Bank.

The service charges 3.95% of the transaction value, with a minimum charge of R30.

Shepherd also charges separately for its shipping service – starting at R100 for items below 2kg, and R169 for items up to 10kg.

“If you opt not to use Shepherd, always check that funds have cleared before handing over goods,” said Gumtree.

By Jan Vermeulen for MyBroadband

Google is warning users that Secure Sockets Layer (SSL) certificates purchased from Symantec, VeriSign, GeoTrust, Thawte, Equifax and RapidSSL are not secure – raising questions for businesses using them.

SSL certificates are small data files that digitally bind a cryptographic key to an organisation’s details. When installed on a Web server, a certificate activates the padlock and the https protocol and allows secure connections from a Web server to a browser.

Browser developers, including Google, have raised questions about the way Symantec issued SSL certificates, and have threatened to stop recognising them, a move that could hurt Symantec’s customers and worry visitors to the Web sites using the affected certificates.

Improper issuances

In March, Google accused Symantec of misusing at least 30 000 such certificates, potentially allowing attackers to masquerade as legitimate Web sites.

The Internet giant expects root certificate authorities like Symantec to validate domain ownership before issuing certificates, to secure their operations and infrastructure against improper issuances, and to audit logs to review issuance activity.

Google stated Symantec had not met these standards and had allowed outside access to their certificate infrastructure without proper oversight.

Symantec SSL certificates – estimated to make up one in every six SSL certificates currently deployed online – include certificates issued by VeriSign, GeoTrust, Thawte, Equifax and RapidSSL because Symantec bought their certificate authorities and they were subsequently added to the Symantec root.

The search-engine giant indicated last month that it has added a new feature under the “Developer Tools” menu item in the latest version of its Web browser, Google Chrome, alerting users that Symantec, VeriSign, GeoTrust, Thawte, Equifax and RapidSSL SSL certificates issued before 1 June 2016 will be considered distrusted from next March.

The core of the issue surrounding Symantec certificates – the business operates under brand names such as VeriSign, Thawte, Equifax, RapidSSL or GeoTrust – is that Symantec “entrusted several organisations with the ability to issue certificates without the appropriate or necessary oversight,” says Google.

The latest version of Google Chrome, the world’s most popular browser, is version 62, which is scheduled to go live between 22 and 28 October. According to Net Market Share, Chrome dominates the browser market with a 59.61% market share.

The next big upgrade, called Chrome 66, is expected mid-April 2018 and visitors to Web sites using Symantec certificates issued before 1 June 2016 will receive warnings that the sites are “untrusted”.
Google has also indicated that Chrome 70 – estimated for roll-out in October 2018 – will distrust any certificate issued by Symantec’s old infrastructure, including those sold after 1 June 2016.
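
For an organisation triaging its own certificates against the schedule described above, the following added example (not from the article, Google or Symantec) parses the output of `openssl x509 -noout -issuer -startdate` and reports which Chrome release would start warning. Matching brand names anywhere in the issuer string is an assumption, and the hostnames and certificate summaries are constructed.

```python
import re
import ssl
from datetime import datetime, timezone

# Brands the article lists as issued under the Symantec root.
AFFECTED_BRANDS = ("symantec", "verisign", "geotrust", "thawte",
                   "equifax", "rapidssl")

# Issuance date named in the article: earlier certificates are distrusted
# first (Chrome 66), the remainder later (Chrome 70).
ISSUED_BEFORE = datetime(2016, 6, 1, tzinfo=timezone.utc)

URGENCY = {"Chrome 66": 0, "Chrome 70": 1, None: 2}


def parse_summary(text):
    """Extract (issuer, notBefore) from `openssl x509 -noout -issuer
    -startdate` output. Accepts both issuer layouts OpenSSL prints:
    'issuer=C = US, O = ...' and 'issuer= /C=US/O=...'."""
    issuer = re.search(r"^issuer=\s*(.+)$", text, re.M)
    start = re.search(r"^notBefore=(.+)$", text, re.M)
    if not issuer or not start:
        raise ValueError("expected issuer= and notBefore= lines")
    seconds = ssl.cert_time_to_seconds(start.group(1).strip())
    not_before = datetime.fromtimestamp(seconds, tz=timezone.utc)
    return issuer.group(1).strip(), not_before


def distrust_milestone(issuer, not_before):
    """Return the Chrome release at which warnings start, or None.
    Assumption: a brand name in the issuer string means the certificate
    chains to the old Symantec infrastructure. Replacement certificates
    issued from new infrastructure may carry the same brand, so confirm
    the chain before acting on a hit."""
    lowered = issuer.casefold()
    if not any(brand in lowered for brand in AFFECTED_BRANDS):
        return None
    return "Chrome 66" if not_before < ISSUED_BEFORE else "Chrome 70"


def triage(inventory):
    """Map {host: openssl summary} to [(host, milestone)], most urgent first."""
    rows = []
    for host, text in inventory.items():
        issuer, not_before = parse_summary(text)
        rows.append((host, distrust_milestone(issuer, not_before)))
    return sorted(rows, key=lambda row: (URGENCY[row[1]], row[0]))


# Constructed inventory (hypothetical hosts and CA names, for illustration).
SAMPLE_INVENTORY = {
    "mail.example": (
        "issuer= /C=US/O=Symantec Corporation/CN=Constructed Symantec CA\n"
        "notBefore=Jun  1 00:00:00 2016 GMT\n"
    ),
    "intranet.example": (
        "issuer=C = ZZ, O = Example Other CA, CN = Constructed CA\n"
        "notBefore=Jan 15 12:00:00 2015 GMT\n"
    ),
    "shop.example": (
        "issuer=C = US, O = GeoTrust Inc., CN = Constructed GeoTrust CA\n"
        "notBefore=Mar  1 00:00:00 2016 GMT\n"
    ),
}

if __name__ == "__main__":
    for host, milestone in triage(SAMPLE_INVENTORY):
        print(f"{host:20} {milestone or 'not affected'}")
```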

DigiCert deal

Following the impasse, Symantec has since entered an agreement with identity and encryption solutions provider DigiCert, which will acquire Symantec’s Web site security and related public key infrastructure solutions.

Under the terms of the agreement, Symantec will receive approximately $950 million in upfront cash proceeds and approximately a 30% stake in the common stock equity of the DigiCert business at the closing of the transaction.

However, Lauren Collier, SSL sales manager at cyber security firm LAWtrust, says while DigiCert – which is buying Symantec’s certificate authority business – is promising to issue replacement certificates from December this year, businesses should think carefully about how to proceed.

“One of the important parts of the SSL ecosystem is trust. If a certificate authority neglects to properly verify the legal existence and identity of an entity before issuing SSL certificates for domains, as Symantec has been accused of doing, this breaks the chain of trust,” she says.

Serious concern

For Jon Tullett, IDC’s research manager for IT services for Africa, SSL certificates are absolutely fundamental to modern Internet security. “They’re far from perfect – as this incident shows – but they are used to secure a tremendous amount of online activity.”

He explains that when a browser like Chrome removes a certificate, users will get a warning before they visit a site which uses that certificate to validate its identity.

“Google’s Chrome team has indicated serious concerns with a large number of the certificates in question, prompting this action, so it’s likely quite a number of sites and services may be affected – many thousands, potentially,” says Tullett.

Meanwhile, Manuel Corregedor, COO of information security company Telspace Systems, says digital certificates allow for the communication between the user’s machine and the Web site (server) to be encrypted.
“This makes it difficult for an attacker to intercept communications between the user’s computer and/or to masquerade as the authentic Web site.”

He notes organisations will have to replace their certificates or face potential reputational or financial harm.
“However, this is easier said than done especially for organisations that make use of certificates on devices or terminals that are hard to get to. In such cases, organisations will find it very difficult to update the certificates before the imposed deadline by Google,” says Corregedor.

By Admire Moyo for ITWeb

Unemployment pressures tempt fraud

With unemployment at its highest level, the youth are anxious, agitated and searching for creative ways to earn a living.

“In this environment, you cannot write off the temptation that confronts young people to commit fraud, when doors slam shut in their faces or do not even open in the first place,” says Manie van Schalkwyk of the South African Fraud Prevention Service.

The obvious temptation is CV doctoring, he says. By adding a few tweaks, candidates may make their application appear more professional than they actually are and increase chances for a job interview.

“Qualification fraud is simple enough to perform and with any luck an applicant may land an interview, even a job offer. But a few months into the job the employer will begin to wonder why the candidate’s skills and abilities do not match up to the qualifications he or she has presented on their CV. Questions will be asked. When you are exposed as a fraud, you will have a criminal record,” Van Schalkwyk says.

For young people who are employed who wish to apply for store cards, credit cards or any type of credit, there is the temptation to stretch the salary or the length of time spent in a particular work place to increase their chances of credit approval or credit limit. Van Schalkwyk says, “Falsifying this information constitutes fraud.”

At another level, one of the first goals of a newly graduated student is to learn to drive and get a driver’s licence. So, they may be driving around in their parents’ or older sibling’s car, or they may have a car of their own.

In this case, the individual may wish to have car insurance. After phoning some insurance companies they may learn that their premium is higher than expected because of their lack of driving experience. They will persuade their parents to front for the policy, so that the policy is held in the parent’s name. This is falsely representing information as the younger person will be the primary driver of the vehicle being insured.

“A common illustration of this is alternative fact information given about who the regular driver of a vehicle will be,” says Deanne Wood, short term insurance ombudsman. “Older drivers pay significantly lower premiums than younger drivers.” The difference in premium can be significant.

“Certainly, significant enough to encourage consumers to provide inaccurate information about who the regular driver of a vehicle will be,” Wood says.

“Our office sees far too many claims being submitted where, for example, parents have represented that they will be the regular driver of a vehicle when in fact the vehicle was purchased by them for use by their child.

“Paying the lower premium is all well and good until a loss is suffered. Simple desk-top investigations using Facebook or other social media searches can all too easily reveal misrepresentations made by consumers who forget to cover their tracks when making misrepresentations to their insurance companies,” Wood adds.

Van Schalkwyk says, “Like all fraud, it’s only a matter of time until the perpetrators will be found out and could face prosecution. Starting out in a career with a criminal record is no way to build a future. I urge youth to stay on the right side of the law despite the many challenges of the current economic climate. Don’t put further obstacles in your path.”

Fraud alert warning from retail stationer

A local retail stationer has contacted My Office News with a warning of attempted fraud.

The instance began with a request to quote on Monday 15 May 2017 from a certain “George Miller” of Quality Service cc.
He requested a quote for two taping applicator systems and 1 000 PVC 70mm lever arch files.
The retailer immediately became suspicious, as clients usually approach a wholesaler directly for that quantity of stock.
The retailer then began to research the company and discovered that the company name did not match up with the phone number provided.
However, the retailer e-mailed the quote to the address provided and thereafter received a purchase order with an address listed in Bellevue East.
When the retailer googled the address, it was for Raleigh Court in Yeoville/Bellevue East.
The retailer then confirmed with “George Miller” once again via e-mail that full payment was required, and they had to collect from the retailer’s offices once the order was ready.
Following that, the retailer received a proof of payment (POP) via e-mail that looked nothing like other POPs received from Standard Bank.

The retailer then sent all the evidence to the bank. A representative from Standard Bank’s Fraud division responded, saying “We would recommend that no goods be released and also no services be rendered as the proof of payment is not valid. If you would like to pursue the matter, you may report the suspects to the SAPS in order for them to continue with investigating the individual.”

Please be wary when receiving large orders from unknown customers.

My Office News Ⓒ 2017 - Designed by A Collective