There’s been much publicity about fraudulent transactions on ecommerce sites perpetrated by cybercriminals. But one of the biggest sources of fraud stems from corrupt employees working within a merchant’s own organization.
Sometimes the employees are driven by revenge to get back at employers for real or imagined problems. More often, the motivation is greed.
For example an employee that was in charge of customer call centers for a large corporation had security clearance to the payment processing systems. The employee ran up hundreds of thousands of dollars in fraudulent transactions. Products were shipped and long gone before the fraud was discovered. By that time the employee had quit and left the country.
There are thousands of security breaches that go unreported. Security experts report that close to 20% of payment fraud is caused by company employees, independent contractors or vendors.
Most of the culprits do not have criminal backgrounds. Pre-employment screening is unlikely to identify potential troublemakers. Savvy criminal organizations find it easy to plant insiders who rapidly find and exploit any cracks in security.
Employers must keep a close watch on the payment processing systems. There should be several different tracking mechanisms each in the hands of different management personnel. Cross referencing among the tracking systems can reveal potential fraud that is not obvious if only one trail is pursued.
Clearly advise all people that have access to the payment processing systems that sophisticated audit trails are in place. While this will not deter professional thieves, it can frighten off those who simply exploit obvious holes in the payment processing system.
Monday, August 20, 2007
Subscribe to:
Post Comments (Atom)
0 comments:
Post a Comment