http://www.zdnet.com.au/wealthy-staff-not-hackers-often-thieves-339326370.htm By Michael Lee ZDNet.com.au November 17th, 2011 Companies are being duped more by their own employees than by external hackers when it comes to cyber fraud, according to KPMG Forensic associate director Stan Gallo, and those employees are often high earners. Gallo presented his talk on corporate identity theft and fraud at Attachmate Group's A Powerful Connection 2011 event today in Sydney, revealing that the typical fraudster isn't your average, scruffy-looking bedroom hacker, but more likely an insider within the corporation. In 65 per cent of all fraud cases, insiders tap into an organisation's IT systems, secretly siphoning off money from the company, or selling intellectual property. One example that Gallo provided was a mother who helped herself to $1.2 million on top of her $40,000 salary by gaming the company's invoicing system. Working in the accounts-payable department of the company, she noticed that payment details were being stored on a shared network drive. After editing the file to fill her own account, she would wait until repeat invoices would be issued, and then abuse her position to approve the payment, hiding it among the other several thousand payments that the company made to cover her tracks. Although the average amount stolen in Australia was $229,000 per incident, Gallo said that women tended to steal much more than men. Yet, in general, the thefts were more likely to have been perpetrated by a man. [...] _____________________________________________________ Subscribe to InfoSec News - www.infosecnews.org http://www.infosecnews.org/mailman/listinfo/isnReceived on Fri Nov 18 2011 - 02:06:32 PST
This archive was generated by hypermail 2.2.0 : Fri Nov 18 2011 - 02:10:39 PST