Express Computer
Home  »  Security  »  Corporate fraud investigation landscape changing rapidly with changing fraudsters’ profile

Corporate fraud investigation landscape changing rapidly with changing fraudsters’ profile

0 372

A data breach occurs when a hacker penetrates into a data source and extracts sensitive information. This can be done physically by accessing a computer or network to steal local files, or by bypassing network security remotely.

By Sanjay Kaushik

Corporate frauds are a serious issue nowadays. Every day one can hear about one issue or the other in large to medium size firms and for smaller firms they seldom get reported in the media. These are interesting times for the corporate fraud investigating industry as their business has risen several fold but also has thrown up newer challenges with the changing profile of the fraudsters as well as the availability of cutting edge technologies and modus operandi they adopt.

Studies show that a typical fraudster today is identified as an internal employee, who is in his / her 30s, and is far from retirement. Younger employees deal with high level confidential data on companies as well as high profile individuals, or even their own company, and any bit of deviance from the laid out process can cost all very dearly – both in terms of money as well as reputation. Earlier one needed to physically come to your place to take your money or data, now someone sitting 1000 km away can steal your data at the click of a button.

A data breach occurs when a hacker penetrates into a data source and extracts sensitive information. This can be done physically by accessing a computer or network to steal local files, or by bypassing network security remotely. The hacker protocol typically begins with an examination of the company’s network before the attack, seeking out weaknesses in security to exploit. Once the hacker finds a weakness, he or she attempts to exploit it with either a network or social attack.

A social attack is when the hacker attempts to deceive employees into allowing him into the network, either by giving up passwords or opening malware in the system. A network attack is a direct attack on the computer system to attempt to infiltrate the network. As soon as the hacker is in and as long as they are undetected, he or she is free to search for useful data and extract if from the system.  Social attacks involve tricking or baiting employees into giving access to the company’s network. An employee can be duped into giving his/her login credentials or may be fooled into opening a malicious attachment.

It’s a dangerous world out there.

So who is ahead in this race – the fraudster, the company or the investigator? The fact is it is a cat and mouse race – sometime criminals are ahead and sometime technology. The pace with which technology is changing, it is becoming extremely difficult for companies and even investigators to keep pace with it

IT-based tools that have come into heavy use by corporates and investigators for identification of unethical behaviour are social network analysis of the employees and suspects. Data analysis tools like keyword searching, concept clustering, communication pattern analysis, and text analytics, can be of great help and can contribute valuable insight for an investigation.

Also major deployment of software can be seen in companies for continuous monitoring of business communications – that is, key words within emails to addresses external to the company. Such communication monitoring may be considered invasive to the privacy of the workers, but such are times we live in, that corporates and employers are finding it prudent to be on the safer side and keep an eye on what is being talked through the company systems.

One big challenge is that conducting investigations by cyber security experts and investigators is handling of big data. Massive volumes, unstructured data make it harder for non-experts to find fraudulent activities. It needs very well trained investigators who are very good at use of technologies which can shift through the huge amount of data and make sense of it all. With more than 1.4 terabytes of data, the case of Paradise Papers fully illustrates of the new possibilities for the fraud investigation world.

Whatever the challenges for the corporates and even investigators, the basics remain the same. If one follows the basic principles of security – training and awareness – one can be ahead of cyber criminals. That’s the only way out in the fast changing business and social environment today. Prevention is always better than cure.

The author is Managing Director, Netrika Consulting.

Get real time updates directly on you device, subscribe now.

Leave A Reply

Your email address will not be published.

LIVE Webinar

Digitize your HR practice with extensions to success factors

Join us for a virtual meeting on how organizations can use these extensions to not just provide a better experience to its’ employees, but also to significantly improve the efficiency of the HR processes
REGISTER NOW 

Stay updated with News, Trending Stories & Conferences with Express Computer
Follow us on Linkedin
India's Leading e-Governance Summit is here!!! Attend and Know more.
Register Now!
close-image
Attend Webinar & Enhance Your Organisation's Digital Experience.
Register Now
close-image
Enable A Truly Seamless & Secure Workplace.
Register Now
close-image
Attend Inida's Largest BFSI Technology Conclave!
Register Now
close-image
Know how to protect your company in digital era.
Register Now
close-image
Protect Your Critical Assets From Well-Organized Hackers
Register Now
close-image
Find Solutions to Maintain Productivity
Register Now
close-image
Live Webinar : Improve customer experience with Voice Bots
Register Now
close-image
Live Event: Technology Day- Kerala, E- Governance Champions Awards
Register Now
close-image
Virtual Conference : Learn to Automate complex Business Processes
Register Now
close-image