![\"\"](\"https://www.pymnts.com/wp-content/uploads/2024/09/bank-security-graphic.jpg?w=247\")
The co-founder of business automation startup Skael has been accused of illegally inflating its revenues.
\nBaba Nadimpalli, who had also been the CEO of the defunct company, was\u00a0indicted\u00a0Tuesday (Sept. 24) by a federal grand jury in San Francisco on charges of securities and wire fraud. He has also been charged with fraud by the\u00a0U.S. Securities and Exchange Commission (SEC).
\n\u201cStartup founders cannot fake it until they make it by falsifying revenue metrics shared with investors,\u201d Monique C. Winkler, director of the SEC\u2019s San Francisco Regional Office, said in a\u00a0news release.
\n\u201cWhile the SEC will continue to aggressively pursue private company executives who use falsehoods to raise money from investors, we also urge those who invest in private companies to remain vigilant.\u201d
\nAccording to the indictment, Skael raised more than $40 million between 2020 and 2022 across three funding rounds, with Nadimpalli making false claims about the company\u2019s revenues.
\nProsecutors also allege that Nadimpalli falsely suggested to investors that his firm\u2019s customers included a number of well-known companies, and that the CEO forged bank statements to show nonexistent payments from customers.
\n\u201cNadimpalli also allegedly spent hundreds of thousands of dollars of SKAEL\u2019s money on his own personal expenses, including payments on his house and car,\u201d the SEC said.
\nThe commission also noted that the CEO claimed Skael \u201chad millions of dollars in annually recurring revenue, which was more than 10 times the true amount.\u201d
\nNadimpalli, a resident of Australia, could not immediately be reached for comment by PYMNTS.
\nSkael, which was in business from 2016 to 2022, helped clients automate repetitive tasks. And no matter the truth behind the company\u2019s operations, businesses are increasingly turning to technologies to ease the burden of manual work and fragmented workflows.
\nAmong these technologies is\u00a0robotic process automation\u00a0(RPA), which is helping modernize AP and AR departments, enable more efficient operations, and better cash flow management help companies survive in a competitive market.
\n\u201cFor many SMBs, the challenge in AP/AR lies in dealing with the volume and variety of documents, many of which are still paper-based or siloed across disparate systems,\u201d PYMNTS wrote recently, pointing to research showing that\u00a075% of companies\u00a0still use paper checks.
\n\u201cRPA offers a way to automate data entry, verification, and processing, thus reducing the manual labor and potential for human error associated with these tasks.\u201d
\nThe post SEC Charges Skael Founder With Inflating Automation Startup\u2019s Revenue appeared first on PYMNTS.com.
\n", "content_text": "The co-founder of business automation startup Skael has been accused of illegally inflating its revenues.\nBaba Nadimpalli, who had also been the CEO of the defunct company, was\u00a0indicted\u00a0Tuesday (Sept. 24) by a federal grand jury in San Francisco on charges of securities and wire fraud. He has also been charged with fraud by the\u00a0U.S. Securities and Exchange Commission (SEC).\n\u201cStartup founders cannot fake it until they make it by falsifying revenue metrics shared with investors,\u201d Monique C. Winkler, director of the SEC\u2019s San Francisco Regional Office, said in a\u00a0news release.\n\u201cWhile the SEC will continue to aggressively pursue private company executives who use falsehoods to raise money from investors, we also urge those who invest in private companies to remain vigilant.\u201d\nAccording to the indictment, Skael raised more than $40 million between 2020 and 2022 across three funding rounds, with Nadimpalli making false claims about the company\u2019s revenues.\nProsecutors also allege that Nadimpalli falsely suggested to investors that his firm\u2019s customers included a number of well-known companies, and that the CEO forged bank statements to show nonexistent payments from customers.\n\u201cNadimpalli also allegedly spent hundreds of thousands of dollars of SKAEL\u2019s money on his own personal expenses, including payments on his house and car,\u201d the SEC said.\nThe commission also noted that the CEO claimed Skael \u201chad millions of dollars in annually recurring revenue, which was more than 10 times the true amount.\u201d\nNadimpalli, a resident of Australia, could not immediately be reached for comment by PYMNTS.\nSkael, which was in business from 2016 to 2022, helped clients automate repetitive tasks. And no matter the truth behind the company\u2019s operations, businesses are increasingly turning to technologies to ease the burden of manual work and fragmented workflows.\nAmong these technologies is\u00a0robotic process automation\u00a0(RPA), which is helping modernize AP and AR departments, enable more efficient operations, and better cash flow management help companies survive in a competitive market.\n\u201cFor many SMBs, the challenge in AP/AR lies in dealing with the volume and variety of documents, many of which are still paper-based or siloed across disparate systems,\u201d PYMNTS wrote recently, pointing to research showing that\u00a075% of companies\u00a0still use paper checks.\n\u201cRPA offers a way to automate data entry, verification, and processing, thus reducing the manual labor and potential for human error associated with these tasks.\u201d\nThe post SEC Charges Skael Founder With Inflating Automation Startup\u2019s Revenue appeared first on PYMNTS.com.", "date_published": "2024-09-25T15:41:01-04:00", "date_modified": "2024-09-25T15:41:01-04:00", "authors": [ { "name": "PYMNTS", "url": "https://www.pymnts.com/author/pymnts/", "avatar": "https://secure.gravatar.com/avatar/f05cc0fdcc9e387e4f3570c17158c503?s=512&d=blank&r=g" } ], "author": { "name": "PYMNTS", "url": "https://www.pymnts.com/author/pymnts/", "avatar": "https://secure.gravatar.com/avatar/f05cc0fdcc9e387e4f3570c17158c503?s=512&d=blank&r=g" }, "image": "https://www.pymnts.com/wp-content/uploads/2024/09/SEC-Securities-and-Exchange-Commission-1.jpg", "tags": [ "automation", "fraud", "News", "PYMNTS News", "SEC", "Securities and Exchange Commission", "Skael", "What's Hot", "wire fraud", "Security & Fraud" ] }, { "id": "https://www.pymnts.com/?p=2105525", "url": "https://www.pymnts.com/news/security-and-risk/2024/fbi-reportedly-investigating-hone-capitals-connections-to-china/", "title": "FBI Reportedly Investigating Hone Capital\u2019s Connections to China", "content_html": "The FBI is reportedly investigating a Silicon Valley venture capital group\u2019s ties to China.
\nHone Capital launched with the help of a Chinese private equity group in 2015. Now, investigators are looking into whether the firm passed trade secrets to the Chinese government, the Financial Times (FT)\u00a0reported\u00a0Wednesday (Sept. 25).
\nSources told the FT that the investigation is looking into whether Hone accessed information about the technology, finances or clients of startups on behalf of its owner or Beijing.
\nThose sources said there are concerns that some of Hone\u2019s portfolio companies are contracted to deliver services to the American government, and that some of Hone\u2019s funds may have come from the Chinese government.
\nHone, the American arm of China\u2019s\u00a0CSC Group, has invested in startups such as the payments company Stripe. However, sources told the FT that Hone had no access to sensitive information from many of the startups in its portfolio, Stripe included.
\nThe company\u2019s lawyers provided this statement to the FT:
\n\u201cAllegations that CSC Group, its chairman, or any of its affiliates, including Hone Capital, have misappropriated trade secrets are completely baseless and grounded in nothing but insinuation and speculation fuelled by anti-Chinese sentiment and self-serving allegations from former executives who are actively in litigation with CSC Group over, among other things, their own self-dealing.\u201d
\n“The FBI has no comment,” the bureau’s press office told PYMNTS. “In keeping with Justice Department policy, the FBI neither confirms nor denies conducting specific investigations.”
\nThe news comes during a year that has seen many tech firms tighten security measures over concerns about\u00a0Chinese espionage, with companies such as Google conducting tighter employee screenings.
\nAnd June brought reports that OpenAI was taking steps to\u00a0restrict China\u2019s access\u00a0to artificial intelligence (AI) software.
\nThat came months after Congress\u00a0passed legislation\u00a0that would ban TikTok unless its China-based owner ByteDance divests itself of the popular social media platform within a year.
\n\u201cCongress is not acting to punish ByteDance, TikTok, or any other individual company,\u201d Sen. Maria Cantwell, D-Wash., chair of the Senate Commerce Committee, said in remarks on the Senate floor before voting on the bill. \u201cCongress is acting to prevent foreign adversaries from conducting espionage, surveillance, maligned operations, harming vulnerable Americans, our servicemen and women, and our U.S. government personnel.\u201d
\nFor its part, China has\u00a0banned iPhone use\u00a0by government employees and workers at state-owned companies, and ordered Apple to remove WhatsApp, Threads, Telegram and Signal from its App Store in China, citing\u00a0national security concerns.
\nThe post FBI Reportedly Investigating Hone Capital\u2019s Connections to China appeared first on PYMNTS.com.
\n", "content_text": "The FBI is reportedly investigating a Silicon Valley venture capital group\u2019s ties to China.\nHone Capital launched with the help of a Chinese private equity group in 2015. Now, investigators are looking into whether the firm passed trade secrets to the Chinese government, the Financial Times (FT)\u00a0reported\u00a0Wednesday (Sept. 25).\nSources told the FT that the investigation is looking into whether Hone accessed information about the technology, finances or clients of startups on behalf of its owner or Beijing.\nThose sources said there are concerns that some of Hone\u2019s portfolio companies are contracted to deliver services to the American government, and that some of Hone\u2019s funds may have come from the Chinese government.\nHone, the American arm of China\u2019s\u00a0CSC Group, has invested in startups such as the payments company Stripe. However, sources told the FT that Hone had no access to sensitive information from many of the startups in its portfolio, Stripe included.\nThe company\u2019s lawyers provided this statement to the FT:\n\u201cAllegations that CSC Group, its chairman, or any of its affiliates, including Hone Capital, have misappropriated trade secrets are completely baseless and grounded in nothing but insinuation and speculation fuelled by anti-Chinese sentiment and self-serving allegations from former executives who are actively in litigation with CSC Group over, among other things, their own self-dealing.\u201d\n“The FBI has no comment,” the bureau’s press office told PYMNTS. “In keeping with Justice Department policy, the FBI neither confirms nor denies conducting specific investigations.”\nThe news comes during a year that has seen many tech firms tighten security measures over concerns about\u00a0Chinese espionage, with companies such as Google conducting tighter employee screenings.\nAnd June brought reports that OpenAI was taking steps to\u00a0restrict China\u2019s access\u00a0to artificial intelligence (AI) software.\nThat came months after Congress\u00a0passed legislation\u00a0that would ban TikTok unless its China-based owner ByteDance divests itself of the popular social media platform within a year.\n\u201cCongress is not acting to punish ByteDance, TikTok, or any other individual company,\u201d Sen. Maria Cantwell, D-Wash., chair of the Senate Commerce Committee, said in remarks on the Senate floor before voting on the bill. \u201cCongress is acting to prevent foreign adversaries from conducting espionage, surveillance, maligned operations, harming vulnerable Americans, our servicemen and women, and our U.S. government personnel.\u201d\nFor its part, China has\u00a0banned iPhone use\u00a0by government employees and workers at state-owned companies, and ordered Apple to remove WhatsApp, Threads, Telegram and Signal from its App Store in China, citing\u00a0national security concerns.\nThe post FBI Reportedly Investigating Hone Capital\u2019s Connections to China appeared first on PYMNTS.com.", "date_published": "2024-09-25T10:45:40-04:00", "date_modified": "2024-09-25T15:22:59-04:00", "authors": [ { "name": "PYMNTS", "url": "https://www.pymnts.com/author/pymnts/", "avatar": "https://secure.gravatar.com/avatar/f05cc0fdcc9e387e4f3570c17158c503?s=512&d=blank&r=g" } ], "author": { "name": "PYMNTS", "url": "https://www.pymnts.com/author/pymnts/", "avatar": "https://secure.gravatar.com/avatar/f05cc0fdcc9e387e4f3570c17158c503?s=512&d=blank&r=g" }, "image": "https://www.pymnts.com/wp-content/uploads/2024/09/FBI-Hone-Capital-China.png", "tags": [ "china", "CSC Group", "FBI", "Government", "Hone Capital", "international", "investigations", "national security", "News", "PYMNTS News", "Security", "Stripe", "Venture Capital", "What's Hot", "Security & Fraud" ] }, { "id": "https://www.pymnts.com/?p=2104697", "url": "https://www.pymnts.com/news/security-and-risk/2024/hsbc-tech-sector-should-help-refund-app-fraud-victims/", "title": "HSBC: Tech Sector Should Help Refund APP Fraud Victims", "content_html": "British banking giant HSBC wants the tech industry\u2019s help with new fraud reimbursement rules.
\nThe bank said the regulations expected to go into effect next month will not prevent fraud, The Guardian reported Sunday (Sept. 22).
\nDavid Callington, the head of fraud at HSBC UK, said while the new rules will lead banks and payment firms to upgrade their fraud detection systems, they won\u2019t be enough to stem the tide of authorized push payment (APP) fraud cases in the United Kingdom, per the report.
\nThose fraud incidents \u2014 in which people are tricked into sending money to accounts held by scammers \u2014 cost consumers hundreds of millions of pounds last year, the report said. Beginning next week, banks and payment companies must reimburse scam victims up to 85,000 pounds (about $114,000).
\nBritish regulators put the rules in place following a wave of APP fraud cases. Figures from the U.K.\u2019s Payment Systems Regulator (PSR) showed that APP fraud reached nearly 341 million pounds last year, a 12% decline since 2022. However, the volume of fraud cases climbed by 12% to 252,636, up from 224,603 the previous year.
\n\u201cWe can see some positive changes with more victims being reimbursed than in 2022,\u201d David Geale, the PSR\u2019s managing director, said in August. \u201cBut there is still more to do \u2014 particularly for some smaller firms which have much higher rates of receiving fraud than larger firms.\u201d
\nMeanwhile, financial industry lobbying groups argue that most APP fraud cases originate on online platforms and social media sites such as TikTok or Facebook, The Guardian report said.
\n\u201cThe wider ecosystem, and key players in that ecosystem, have to be held to account,\u201d Callington said, per the report. While banks need to be vigilant, the financial obligations need to \u201csit with those other sectors as well. They need the financial incentive.\u201d
\nSo far, the British government has asked tech and social media companies to take a voluntary pledge to prevent fraud, the report said. However, Callington said fraud would continue until Big Tech is forced to reimburse scam victims in cases where their fraud prevention efforts were insufficient.
\n\u201c[R]egulators will only step in when they see that actually there\u2019s not enough traction [on preventing fraud], and we\u2019re not generating the outcomes that we want \u2026 from the voluntary aspects that have been put in place,\u201d Callington said, per the report.
\nThe post HSBC: Tech Sector Should Help Refund APP Fraud Victims appeared first on PYMNTS.com.
\n", "content_text": "British banking giant HSBC wants the tech industry\u2019s help with new fraud reimbursement rules.\nThe bank said the regulations expected to go into effect next month will not prevent fraud, The Guardian reported Sunday (Sept. 22).\nDavid Callington, the head of fraud at HSBC UK, said while the new rules will lead banks and payment firms to upgrade their fraud detection systems, they won\u2019t be enough to stem the tide of authorized push payment (APP) fraud cases in the United Kingdom, per the report.\nThose fraud incidents \u2014 in which people are tricked into sending money to accounts held by scammers \u2014 cost consumers hundreds of millions of pounds last year, the report said. Beginning next week, banks and payment companies must reimburse scam victims up to 85,000 pounds (about $114,000).\nBritish regulators put the rules in place following a wave of APP fraud cases. Figures from the U.K.\u2019s Payment Systems Regulator (PSR) showed that APP fraud reached nearly 341 million pounds last year, a 12% decline since 2022. However, the volume of fraud cases climbed by 12% to 252,636, up from 224,603 the previous year.\n\u201cWe can see some positive changes with more victims being reimbursed than in 2022,\u201d David Geale, the PSR\u2019s managing director, said in August. \u201cBut there is still more to do \u2014 particularly for some smaller firms which have much higher rates of receiving fraud than larger firms.\u201d\nMeanwhile, financial industry lobbying groups argue that most APP fraud cases originate on online platforms and social media sites such as TikTok or Facebook, The Guardian report said.\n\u201cThe wider ecosystem, and key players in that ecosystem, have to be held to account,\u201d Callington said, per the report. While banks need to be vigilant, the financial obligations need to \u201csit with those other sectors as well. They need the financial incentive.\u201d\nSo far, the British government has asked tech and social media companies to take a voluntary pledge to prevent fraud, the report said. However, Callington said fraud would continue until Big Tech is forced to reimburse scam victims in cases where their fraud prevention efforts were insufficient.\n\u201c[R]egulators will only step in when they see that actually there\u2019s not enough traction [on preventing fraud], and we\u2019re not generating the outcomes that we want \u2026 from the voluntary aspects that have been put in place,\u201d Callington said, per the report.\nThe post HSBC: Tech Sector Should Help Refund APP Fraud Victims appeared first on PYMNTS.com.", "date_published": "2024-09-24T09:33:36-04:00", "date_modified": "2024-09-24T09:33:36-04:00", "authors": [ { "name": "PYMNTS", "url": "https://www.pymnts.com/author/pymnts/", "avatar": "https://secure.gravatar.com/avatar/f05cc0fdcc9e387e4f3570c17158c503?s=512&d=blank&r=g" } ], "author": { "name": "PYMNTS", "url": "https://www.pymnts.com/author/pymnts/", "avatar": "https://secure.gravatar.com/avatar/f05cc0fdcc9e387e4f3570c17158c503?s=512&d=blank&r=g" }, "image": "https://www.pymnts.com/wp-content/uploads/2023/08/HSBC.jpg", "tags": [ "APP Fraud", "authorized push payments fraud", "Big Tech", "fraud", "HSBC", "international", "News", "PYMNTS News", "regulations", "scams", "Security", "Technology", "uk", "What's Hot", "Security & Fraud" ] }, { "id": "https://www.pymnts.com/?p=2104397", "url": "https://www.pymnts.com/news/security-and-risk/2024/69-of-consumers-prioritize-fraud-protection-when-picking-a-bank/", "title": "69% of Consumers Prioritize Fraud Protection When Picking a Bank", "content_html": "Banks and financial institutions (FIs) face challenges in balancing the convenience of digital banking with the need for robust security measures. Economic impacts from fraud have forced these institutions to shift resources away from innovation toward immediate threat mitigation, hindering progress in the sector.
\nAs security threats evolve, a PYMNTS Intelligence report, \u201cProgress and Protection: Balancing Convenience and Security in Digital Banking,\u201d in collaboration with NCR Voyix, illustrates how banks must find a way to outsmart fraudsters while meeting consumer demands for both innovative services and enhanced security.
\n
As the financial landscape undergoes digital transformation, the financial sector faces challenges \u2014 not least among them the rising costs of fraud. In a cycle that jeopardizes innovation, banks and financial institutions are often forced to divert resources from long-term strategic goals to immediate threat mitigation. This shift has implications for the industry, slowing progress in the very innovations that could enhance security and improve customer experience.
\nFraud is evolving, putting banks on high alert. In 2023, the average fraud-related costs for FIs with assets exceeding $5 billion surged to $3.8 million, a massive 65% increase from the previous year. This rise is attributed to more sophisticated fraud tactics, with purchase return authorization fraud averaging $115,000 per incident. Notably, 47% of FIs reported dealing with account takeover fraud (ATO) in the past year, while phishing attacks continue to target 73% of banking customers, leading to further security breaches. As a result, 43% of FIs noted an uptick in fraud incidents, and most of these attempts stem from systemic deficiencies within their existing fraud technology stacks.
\nStriking a balance between innovation and security is crucial for banks and FIs. Consumer expectations are shifting, with 69% prioritizing fraud protection when selecting a financial institution. Furthermore, 32% consider this the most critical factor in their decision-making as the increasing demand for streamlined onboarding processes complicates the situation.
\nIn fact, 24% of potential new account holders may be deterred if security measures are perceived as too cumbersome.
\nAs digital banking becomes mainstream, so do security concerns. While 76% of consumers demand real-time service access, nearly half express skepticism regarding the security of artificial intelligence (AI)-enhanced banking technologies.
\nNinety-one percent of consumers emphasize the importance of safeguarding their personal information, indicating that trust is as essential as technological innovation in retaining customers. Consequently, banks must navigate this complex landscape, balancing security needs with consumer expectations for seamless digital experiences.
\nTo combat security threats, banks and FIs must adopt proactive strategies, particularly as open banking presents new fraud risks. Consider 46% of institutions believe these risks outweigh the benefits, especially among those already grappling with high fraud levels. In response, many are leveraging advanced technologies like AI and machine learning to enhance security, with 79% of institutions using cloud solutions confident in offering secure real-time payments.
\nAdditionally, 47% of consumers now use biometric authentication, and 60% believe it improves online security. To build resilience, banks should implement adaptive security measures, such as multifactor and biometric authentication, and prepare for future threats with post-quantum cryptography.
\nCollaborating with FinTechs can also spark innovation and agility, helping institutions meet the demands of a digital-first consumer base. As fraud tactics evolve, prioritizing security within digital strategies will be crucial for building trust and competitiveness in the market.
\n\n
The post 69% of Consumers Prioritize Fraud Protection When Picking a Bank appeared first on PYMNTS.com.
\n", "content_text": "Banks and financial institutions (FIs) face challenges in balancing the convenience of digital banking with the need for robust security measures. Economic impacts from fraud have forced these institutions to shift resources away from innovation toward immediate threat mitigation, hindering progress in the sector. \nAs security threats evolve, a PYMNTS Intelligence report, \u201cProgress and Protection: Balancing Convenience and Security in Digital Banking,\u201d in collaboration with NCR Voyix, illustrates how banks must find a way to outsmart fraudsters while meeting consumer demands for both innovative services and enhanced security.\nRedirecting Resources\n\nAs the financial landscape undergoes digital transformation, the financial sector faces challenges \u2014 not least among them the rising costs of fraud. In a cycle that jeopardizes innovation, banks and financial institutions are often forced to divert resources from long-term strategic goals to immediate threat mitigation. This shift has implications for the industry, slowing progress in the very innovations that could enhance security and improve customer experience.\nFraud is evolving, putting banks on high alert. In 2023, the average fraud-related costs for FIs with assets exceeding $5 billion surged to $3.8 million, a massive 65% increase from the previous year. This rise is attributed to more sophisticated fraud tactics, with purchase return authorization fraud averaging $115,000 per incident. Notably, 47% of FIs reported dealing with account takeover fraud (ATO) in the past year, while phishing attacks continue to target 73% of banking customers, leading to further security breaches. As a result, 43% of FIs noted an uptick in fraud incidents, and most of these attempts stem from systemic deficiencies within their existing fraud technology stacks.\nInnovation vs Security\nStriking a balance between innovation and security is crucial for banks and FIs. Consumer expectations are shifting, with 69% prioritizing fraud protection when selecting a financial institution. Furthermore, 32% consider this the most critical factor in their decision-making as the increasing demand for streamlined onboarding processes complicates the situation.\nIn fact, 24% of potential new account holders may be deterred if security measures are perceived as too cumbersome.\nAs digital banking becomes mainstream, so do security concerns. While 76% of consumers demand real-time service access, nearly half express skepticism regarding the security of artificial intelligence (AI)-enhanced banking technologies. \nNinety-one percent of consumers emphasize the importance of safeguarding their personal information, indicating that trust is as essential as technological innovation in retaining customers. Consequently, banks must navigate this complex landscape, balancing security needs with consumer expectations for seamless digital experiences.\nCan Banks Keep Up?\nTo combat security threats, banks and FIs must adopt proactive strategies, particularly as open banking presents new fraud risks. Consider 46% of institutions believe these risks outweigh the benefits, especially among those already grappling with high fraud levels. In response, many are leveraging advanced technologies like AI and machine learning to enhance security, with 79% of institutions using cloud solutions confident in offering secure real-time payments.\nAdditionally, 47% of consumers now use biometric authentication, and 60% believe it improves online security. To build resilience, banks should implement adaptive security measures, such as multifactor and biometric authentication, and prepare for future threats with post-quantum cryptography. \nCollaborating with FinTechs can also spark innovation and agility, helping institutions meet the demands of a digital-first consumer base. As fraud tactics evolve, prioritizing security within digital strategies will be crucial for building trust and competitiveness in the market.\n \nThe post 69% of Consumers Prioritize Fraud Protection When Picking a Bank appeared first on PYMNTS.com.", "date_published": "2024-09-24T04:00:33-04:00", "date_modified": "2024-09-23T17:42:17-04:00", "authors": [ { "name": "PYMNTS", "url": "https://www.pymnts.com/author/pymnts/", "avatar": "https://secure.gravatar.com/avatar/f05cc0fdcc9e387e4f3570c17158c503?s=512&d=blank&r=g" } ], "author": { "name": "PYMNTS", "url": "https://www.pymnts.com/author/pymnts/", "avatar": "https://secure.gravatar.com/avatar/f05cc0fdcc9e387e4f3570c17158c503?s=512&d=blank&r=g" }, "image": "https://www.pymnts.com/wp-content/uploads/2024/09/bank-fraud-and-security.jpg", "tags": [ "banking", "Banking Fraud", "Biometric Authentication", "biometrics", "Cybersecurity", "Digital Banking", "digital transformation", "Featured News", "FinTechs", "Multifactor Authentication", "News", "Open Banking", "PYMNTS News", "security and fraud", "The Data Point", "Security & Fraud" ] }, { "id": "https://www.pymnts.com/?p=2102557", "url": "https://www.pymnts.com/news/security-and-risk/2024/report-disney-cuts-ties-with-slack-after-data-heist/", "title": "Report: Disney Cuts Ties With Slack After Data Heist", "content_html": "Disney reportedly plans to stop using workplace collaboration platform Slack following a recent data breach.
\nChief financial officer Hugh Johnston announced the change this week, the Wall Street Journal (WSJ) reported Thursday (Sept. 19), citing an internal memo reviewed by the news outlet. That memo said many teams at the entertainment behemoth had begun switching over to \u201cstreamlined enterprise-wide collaboration tools.\u201d
\n\u201cWhere we have opportunities to leverage more integrated tools and platforms we should,\u201d the memo said.
\nThe move comes after a hacker stole a terabyte worth of data \u2014 including 44 million messages and more than 18,800 spreadsheets and at least 13,000 PDFs \u2014 and leaked it online.
\nThis included financial and strategy information, the WSJ said, along with personally identifiable information for employees and customers.
\nPYMNTS has contacted Disney and Slack-owner Salesforce for comment but has not yet gotten a reply.
\nAs covered here in July, the material was published by an anonymous hacking group known as \u201cNullbulge,\u201d which has used Trojan horse tactics to distribute malicious software, hiding it in free add-ons for games and AI image generation software.
\nThe hack comes in the midst of what PYMNTS has called \u201cthe year of the cyberattack,\u201d following damaging attacks on several high-profile companies and organizations.
\nIn the past year, 82% of eCommerce merchants suffered cyber or data breaches, with 47% saying the breaches resulted in both lost revenue and lost customers, according to \u201cFraud Management in Online Transactions,\u201d a PYMNTS Intelligence and Nuvei report.
\nAs PYMNTS wrote soon after the Disney breach was reported, this sort of incident underlines the need for fault tolerance. The stakes are high, that report added, noting that breaches can cost companies millions, harm reputations and weaken customer trust. To reduce these risks, the emphasis must pivot from a purely preventive approach to a strategy that balances prevention with robust response and recovery.
\n\u201cThe barrier for entry has never been lower for threat actors,\u201d Sunil Mallik, chief information security officer at Discover\u00ae Global Network, told PYMNTS in a recent interview, adding that the cost of computing power has decreased drastically over the past decade, making it easier for criminals to get access powerful tools and carry out sophisticated attacks.
\n\u201cIt\u2019s a combination of defenses at the human layer, controls at the network layer, application layer and business process layer,\u201d Mallik added. \u201cThis is complemented by continuous monitoring of the external threat environment.\u201d
\nThe post Report: Disney Cuts Ties With Slack After Data Heist appeared first on PYMNTS.com.
\n", "content_text": "Disney reportedly plans to stop using workplace collaboration platform Slack following a recent data breach.\nChief financial officer Hugh Johnston announced the change this week, the Wall Street Journal (WSJ) reported Thursday (Sept. 19), citing an internal memo reviewed by the news outlet. That memo said many teams at the entertainment behemoth had begun switching over to \u201cstreamlined enterprise-wide collaboration tools.\u201d\n\u201cWhere we have opportunities to leverage more integrated tools and platforms we should,\u201d the memo said.\nThe move comes after a hacker stole a terabyte worth of data \u2014 including 44 million messages and more than 18,800 spreadsheets and at least 13,000 PDFs \u2014 and leaked it online.\nThis included financial and strategy information, the WSJ said, along with personally identifiable information for employees and customers.\nPYMNTS has contacted Disney and Slack-owner Salesforce for comment but has not yet gotten a reply.\nAs covered here in July, the material was published by an anonymous hacking group known as \u201cNullbulge,\u201d which has used Trojan horse tactics to distribute malicious software, hiding it in free add-ons for games and AI image generation software.\nThe hack comes in the midst of what PYMNTS has called \u201cthe year of the cyberattack,\u201d following damaging attacks on several high-profile companies and organizations.\nIn the past year, 82% of eCommerce merchants suffered cyber or data breaches, with 47% saying the breaches resulted in both lost revenue and lost customers, according to \u201cFraud Management in Online Transactions,\u201d a PYMNTS Intelligence and Nuvei report.\nAs PYMNTS wrote soon after the Disney breach was reported, this sort of incident underlines the need for fault tolerance. The stakes are high, that report added, noting that breaches can cost companies millions, harm reputations and weaken customer trust. To reduce these risks, the emphasis must pivot from a purely preventive approach to a strategy that balances prevention with robust response and recovery.\n\u201cThe barrier for entry has never been lower for threat actors,\u201d Sunil Mallik, chief information security officer at Discover\u00ae Global Network, told PYMNTS in a recent interview, adding that the cost of computing power has decreased drastically over the past decade, making it easier for criminals to get access powerful tools and carry out sophisticated attacks.\n\u201cIt\u2019s a combination of defenses at the human layer, controls at the network layer, application layer and business process layer,\u201d Mallik added. \u201cThis is complemented by continuous monitoring of the external threat environment.\u201d\nThe post Report: Disney Cuts Ties With Slack After Data Heist appeared first on PYMNTS.com.", "date_published": "2024-09-19T16:23:56-04:00", "date_modified": "2024-09-19T16:23:56-04:00", "authors": [ { "name": "PYMNTS", "url": "https://www.pymnts.com/author/pymnts/", "avatar": "https://secure.gravatar.com/avatar/f05cc0fdcc9e387e4f3570c17158c503?s=512&d=blank&r=g" } ], "author": { "name": "PYMNTS", "url": "https://www.pymnts.com/author/pymnts/", "avatar": "https://secure.gravatar.com/avatar/f05cc0fdcc9e387e4f3570c17158c503?s=512&d=blank&r=g" }, "image": "https://www.pymnts.com/wp-content/uploads/2024/09/Disney-Slack-data-breach.jpg", "tags": [ "communications", "Cybercrime", "Cybersecurity", "Data Breach", "Data Breaches", "data security", "data theft", "disney", "fraud", "hacking", "News", "PYMNTS News", "Security", "Slack", "What's Hot", "Security & Fraud" ] }, { "id": "https://www.pymnts.com/?p=2101616", "url": "https://www.pymnts.com/news/security-and-risk/2024/reducing-the-attack-surface-how-data-breaches-imperil-corporate-networks/", "title": "Reducing the Attack Surface: How Data Breaches Imperil Corporate Networks", "content_html": "Data breaches are like opinions \u2014 these days, it seems like everyone has one.
\nBut that\u2019s not great news for the business landscape, particularly as critical infrastructure providers are increasingly targeted by bad actors.
\nAnd with the news Tuesday (Sept. 17) that the Federal Communications Commission (FCC) announced a $13 million settlement with AT&T to resolve an Enforcement Bureau investigation, reducing the attack surface and entry points that hackers seek to exploit is top of mind for service providers and businesses. That investigation focused on the company\u2019s supply chain integrity and whether it failed to protect the information of AT&T customers in connection with a data breach of a vendor\u2019s cloud environment.
\nWhile traditionally, businesses have focused on internal cybersecurity measures, today\u2019s interconnected digital ecosystem demands a more holistic approach.
\nWith third-party vendors, cloud-based services and intricate supply chains playing key roles in day-to-day operations, the attack surface has expanded, giving threat actors more entry points to exploit. As these breaches have shown, protecting data is no longer just a matter of internal IT security; it requires a broad, collective effort among businesses, service providers and the vendors they rely on.
\n\u201cToday\u2019s announcement should send a strong message that the Enforcement Bureau will not hesitate to take action against service providers that choose to put their customers\u2019 data in the cloud, share that data with their vendors, and then fail to be responsible custodians of that data,\u201d Enforcement Bureau Chief Loyaan A. Egal, who also serves as Chair of the FCC\u2019s Privacy and Data Protection Task Force, said in a statement.
\nUnderscoring the broader impact these data breaches can have, news also broke Tuesday that cybercriminals are brute-forcing passwords for highly privileged accounts on an accounting software provider widely used in the construction industry.
\nThe report found active and ongoing corporate network breaches through these attacks at plumbing, HVAC, concrete and other sub-industry companies.
\nRead more: Aligning Payments and Data Operations With Compliance and Cyber Risks
\nIn the wake of high-profile data breaches, including AT&T and other major companies, cybersecurity has become a central concern for organizations of all sizes, serving as a stark reminder that no company, no matter its size or resources, is immune to cyber threats.
\nThese breaches have not only exposed millions of personal data records but also revealed vulnerabilities in the systems used by businesses and their service providers. As cyberattacks grow in frequency and sophistication, the responsibility to reduce the attack surface \u2014 the totality of vulnerabilities that hackers could exploit \u2014 is increasingly falling on businesses and their service providers.
\nThe breaches have also proven to be costly. Outside of AT&T\u2019s $13 million FCC settlement, news broke Sunday (Sept. 15) that 23andMe\u00a0will pay $30 million to settle a lawsuit tied to a data breach that exposed the private information of almost 7 million customers.
\nFor service providers, the obligation to secure their infrastructure and reduce attack surfaces is particularly urgent. As key facilitators of business operations, service providers often handle sensitive customer data, making them prime targets for cybercriminals. Moreover, their clients depend on the integrity of their systems to maintain secure operations. If service providers fail to prevent data breaches, the ripple effects extend beyond their own operations to impact countless businesses and consumers downstream.
\nSee also:\u00a0Guarding the Gate: Cyberattacks Won\u2019t Stop, but Their Fallout Can Be Prevented
\nIn the current digital era, the battle against cyber threats is constant, and the attack surface will continue to evolve as businesses and service providers adopt new technologies. With the rise of artificial intelligence (AI), quantum computing and the Internet of Things (IoT), the number of potential entry points for cybercriminals will grow exponentially. This means that the task of reducing the attack surface will only become more challenging over time.
\nAs the AT&T vendor breach and construction industry\u2019s woes have demonstrated, cybersecurity can no longer be confined to the walls of a single organization. The interconnected nature of modern business means that one company\u2019s vulnerabilities can easily become another\u2019s liabilities. As a result, service providers and businesses must work together to secure the entire supply chain.
\nThe growing complexity of service providers\u2019 infrastructures \u2014 ranging from legacy systems that are difficult to patch to expansive cloud services that open up new vulnerabilities \u2014 creates multiple layers of potential entry points for cybercriminals.
\nReducing this attack surface involves not only securing internal systems but also ensuring that third-party vendors and partners adhere to stringent security protocols. Service providers must move from reactive cybersecurity measures to proactive, risk-based approaches that anticipate and mitigate potential threats before they can be exploited.
\nThe post Reducing the Attack Surface: How Data Breaches Imperil Corporate Networks appeared first on PYMNTS.com.
\n", "content_text": "Data breaches are like opinions \u2014 these days, it seems like everyone has one.\nBut that\u2019s not great news for the business landscape, particularly as critical infrastructure providers are increasingly targeted by bad actors.\nAnd with the news Tuesday (Sept. 17) that the Federal Communications Commission (FCC) announced a $13 million settlement with AT&T to resolve an Enforcement Bureau investigation, reducing the attack surface and entry points that hackers seek to exploit is top of mind for service providers and businesses. That investigation focused on the company\u2019s supply chain integrity and whether it failed to protect the information of AT&T customers in connection with a data breach of a vendor\u2019s cloud environment.\nWhile traditionally, businesses have focused on internal cybersecurity measures, today\u2019s interconnected digital ecosystem demands a more holistic approach.\nWith third-party vendors, cloud-based services and intricate supply chains playing key roles in day-to-day operations, the attack surface has expanded, giving threat actors more entry points to exploit. As these breaches have shown, protecting data is no longer just a matter of internal IT security; it requires a broad, collective effort among businesses, service providers and the vendors they rely on.\n\u201cToday\u2019s announcement should send a strong message that the Enforcement Bureau will not hesitate to take action against service providers that choose to put their customers\u2019 data in the cloud, share that data with their vendors, and then fail to be responsible custodians of that data,\u201d Enforcement Bureau Chief Loyaan A. Egal, who also serves as Chair of the FCC\u2019s Privacy and Data Protection Task Force, said in a statement.\nUnderscoring the broader impact these data breaches can have, news also broke Tuesday that cybercriminals are brute-forcing passwords for highly privileged accounts on an accounting software provider widely used in the construction industry.\nThe report found active and ongoing corporate network breaches through these attacks at plumbing, HVAC, concrete and other sub-industry companies.\nRead more: Aligning Payments and Data Operations With Compliance and Cyber Risks\nGrowing Threat of Cyberattacks: A Wake-Up Call for Businesses\nIn the wake of high-profile data breaches, including AT&T and other major companies, cybersecurity has become a central concern for organizations of all sizes, serving as a stark reminder that no company, no matter its size or resources, is immune to cyber threats.\nThese breaches have not only exposed millions of personal data records but also revealed vulnerabilities in the systems used by businesses and their service providers. As cyberattacks grow in frequency and sophistication, the responsibility to reduce the attack surface \u2014 the totality of vulnerabilities that hackers could exploit \u2014 is increasingly falling on businesses and their service providers.\nThe breaches have also proven to be costly. Outside of AT&T\u2019s $13 million FCC settlement, news broke Sunday (Sept. 15) that 23andMe\u00a0will pay $30 million to settle a lawsuit tied to a data breach that exposed the private information of almost 7 million customers.\nFor service providers, the obligation to secure their infrastructure and reduce attack surfaces is particularly urgent. As key facilitators of business operations, service providers often handle sensitive customer data, making them prime targets for cybercriminals. Moreover, their clients depend on the integrity of their systems to maintain secure operations. If service providers fail to prevent data breaches, the ripple effects extend beyond their own operations to impact countless businesses and consumers downstream.\nSee also:\u00a0Guarding the Gate: Cyberattacks Won\u2019t Stop, but Their Fallout Can Be Prevented\nCollaboration Across the Digital Supply Chain\u00a0\nIn the current digital era, the battle against cyber threats is constant, and the attack surface will continue to evolve as businesses and service providers adopt new technologies. With the rise of artificial intelligence (AI), quantum computing and the Internet of Things (IoT), the number of potential entry points for cybercriminals will grow exponentially. This means that the task of reducing the attack surface will only become more challenging over time.\nAs the AT&T vendor breach and construction industry\u2019s woes have demonstrated, cybersecurity can no longer be confined to the walls of a single organization. The interconnected nature of modern business means that one company\u2019s vulnerabilities can easily become another\u2019s liabilities. As a result, service providers and businesses must work together to secure the entire supply chain.\nThe growing complexity of service providers\u2019 infrastructures \u2014 ranging from legacy systems that are difficult to patch to expansive cloud services that open up new vulnerabilities \u2014 creates multiple layers of potential entry points for cybercriminals.\nReducing this attack surface involves not only securing internal systems but also ensuring that third-party vendors and partners adhere to stringent security protocols. Service providers must move from reactive cybersecurity measures to proactive, risk-based approaches that anticipate and mitigate potential threats before they can be exploited.\nThe post Reducing the Attack Surface: How Data Breaches Imperil Corporate Networks appeared first on PYMNTS.com.", "date_published": "2024-09-18T14:15:18-04:00", "date_modified": "2024-09-19T22:35:52-04:00", "authors": [ { "name": "PYMNTS", "url": "https://www.pymnts.com/author/pymnts/", "avatar": "https://secure.gravatar.com/avatar/f05cc0fdcc9e387e4f3570c17158c503?s=512&d=blank&r=g" } ], "author": { "name": "PYMNTS", "url": "https://www.pymnts.com/author/pymnts/", "avatar": "https://secure.gravatar.com/avatar/f05cc0fdcc9e387e4f3570c17158c503?s=512&d=blank&r=g" }, "image": "https://www.pymnts.com/wp-content/uploads/2024/05/data-breach-1.jpg", "tags": [ "AT&T", "B2B", "B2B Payments", "commercial payments", "Cybersecurity", "Data Breaches", "data protection", "FCC", "FCC Enforcement Bureau", "Federal Communications Commission", "fraud", "News", "PYMNTS News", "Security", "Supply Chain", "Technology", "Security & Fraud" ] }, { "id": "https://www.pymnts.com/?p=2101149", "url": "https://www.pymnts.com/news/security-and-risk/2024/invoice-invasion-defending-the-finance-department-from-hidden-fraud-risks/", "title": "Invoice Invasion: Defending the Finance Department From Hidden Fraud Risks", "content_html": "Businesses can\u2019t grow without getting paid, and businesses won\u2019t get paid without an invoice.
\nBut fraudsters have taken notice, capitalizing on the fact that the invoice, whether it\u2019s digital or paper, represents one of a company\u2019s most attractive attack surfaces.
\nAgainst this backdrop, invoice fraud is a rapidly growing threat, with cybercriminals and internal fraudsters increasingly finding ways to manipulate the payment process for illicit gain.
\nInvoice and vendor fraud can take many forms, from fake invoices sent by external cybercriminals to fraudulent activities carried out by employees with access to internal systems.
\nAnd as the contemporary threat landscape digitizes, with businesses becoming more reliant on digital transactions, the risk continues to rise, especially for companies with outdated systems or weak internal controls.
\nCybercriminals have become adept at exploiting weaknesses in digital payment systems. Invoice fraud often starts with a phishing attack or a compromised email account. In these cases, attackers will intercept or spoof communications between businesses, posing as a legitimate vendor or supplier. They then send altered invoices or payment instructions, redirecting funds to fraudulent accounts.
\nFor many B2B companies, these vulnerabilities have become a significant source of financial and operational risk.
\nRead more: Why Business Email Compromise Scams Target Valuable B2B Relationships
\nThe PYMNTS Intelligence report \u201cAutomating Accounts Payable for Cost Savings\u201d found that 34% of\u00a0businesses\u00a0process more than 5,000\u00a0invoices per month. At the same time, separate PYMNTS Intelligence in the report \u201cGetting Paid: Digital Payments for Improving Cash Flow and Customer Experience\u201d found that 75% of companies still use paper checks.
\nThose two statistics underscore a growing gap in the payments industry: the disconnect between accounts payable (AP) workflows and payments, which can leave businesses vulnerable to inefficiencies and fraud.
\nThat\u2019s because manual and paper-based processes expose companies to risks such as invoice duplication, payment fraud and vendor impersonation. Paper-based systems also make it difficult to implement stringent security controls, while fragmented tech stacks may not offer effective safeguards.
\nFraudsters \u201cwill call your back-office staff who are not trained in\u00a0payments\u00a0fraud prevention and try to communicate false information over the phone. And these staffers, they are great, smart, hardworking people, but they do not have the tools and that is why the fraudsters are attacking them,\u201d Ernest Rolfson, founder and CEO of\u00a0Finexio, told PYMNTS in an interview posted in July.
\n\u201cFraud is the biggest and most important thing we hear from customers today in B2B payments \u2026 They want more automation, as much as possible, and they want no fraud,\u201d Rolfson added.
\nRead also:\u00a0Unlocking the 3 Biggest Benefits of Automating Accounts Payable
\nData shows the average enterprise receives half of its invoices on paper, with nearly four in 10 (38%) of payments being made manually. Against this backdrop, over a third of firms (36%) cite automating their AP function as a key priority.
\nCompanies that rely on manual processes and systems that are prone to human error and offer limited visibility into transactions can find that they\u2019ve inadvertently made it easier for both external and internal fraudsters to exploit them.
\n\u201cThe inflexibility of traditional systems and platforms have\u00a0prevented\u00a0lots of companies from moving forward and keeping up,\u201d\u00a0Boost Payment Solutions Chief Operating Officer\u00a0Illya Shell told PYMNTS.
\nMany businesses, especially small- to medium-sized businesses, also operate with limited financial oversight, allowing fraudulent invoices to slip through the cracks.
\nBut advances in digital payments technology, including automated invoicing and payment platforms with built-in fraud detection capabilities, can help reduce the risk of human error and flag suspicious transactions in real time. These systems offer greater visibility into the payment process and can quickly identify anomalies, such as changes to bank account details or unusual payment requests.
\nUltimately, the human layer of defense, as emphasized by many of the\u00a0risk management leaders PYMNTS has spoken to, is increasingly critical in shrinking enterprise attack surfaces \u2014 making individual education around best practices crucial for a company\u2019s own\u00a0employees.
\nDeveloping strong relationships with trusted vendors and suppliers can also help reduce the risk of fraudulent invoices. Businesses should verify vendor details before making payments and regularly review supplier contracts to ensure that services are being rendered as agreed.
\nLooking ahead, as businesses invest in advanced technologies, strengthen internal policies and educate their employees on fraud risks, the future intersection of both payments automation and fraud prevention looks bright.
\n\u201cThere are a lot of changes happening across a lot of outdated or antiquated industries. We\u2019re in a\u00a0good space right now to see a lot of change,\u201d\u00a0Priority Head of Commercial\u00a0Court Toomey told PYMNTS.\u00a0\u201cIt\u2019s ironic that\u00a0one of the areas for most companies that is the most outdated\u00a0are\u00a0their financial\u00a0tools,\u00a0when just a small investment from that same team can go a long way in improving efficiency and\u00a0also\u00a0cost savings.\u201d
\nThe post Invoice Invasion: Defending the Finance Department From Hidden Fraud Risks appeared first on PYMNTS.com.
\n", "content_text": "Businesses can\u2019t grow without getting paid, and businesses won\u2019t get paid without an invoice.\nBut fraudsters have taken notice, capitalizing on the fact that the invoice, whether it\u2019s digital or paper, represents one of a company\u2019s most attractive attack surfaces.\nAgainst this backdrop, invoice fraud is a rapidly growing threat, with cybercriminals and internal fraudsters increasingly finding ways to manipulate the payment process for illicit gain.\nInvoice and vendor fraud can take many forms, from fake invoices sent by external cybercriminals to fraudulent activities carried out by employees with access to internal systems.\nAnd as the contemporary threat landscape digitizes, with businesses becoming more reliant on digital transactions, the risk continues to rise, especially for companies with outdated systems or weak internal controls.\nCybercriminals have become adept at exploiting weaknesses in digital payment systems. Invoice fraud often starts with a phishing attack or a compromised email account. In these cases, attackers will intercept or spoof communications between businesses, posing as a legitimate vendor or supplier. They then send altered invoices or payment instructions, redirecting funds to fraudulent accounts.\nFor many B2B companies, these vulnerabilities have become a significant source of financial and operational risk.\nRead more: Why Business Email Compromise Scams Target Valuable B2B Relationships\nOutdated Systems and Weak Internal Controls: A Recipe for Disaster\nThe PYMNTS Intelligence report \u201cAutomating Accounts Payable for Cost Savings\u201d found that 34% of\u00a0businesses\u00a0process more than 5,000\u00a0invoices per month. At the same time, separate PYMNTS Intelligence in the report \u201cGetting Paid: Digital Payments for Improving Cash Flow and Customer Experience\u201d found that 75% of companies still use paper checks.\nThose two statistics underscore a growing gap in the payments industry: the disconnect between accounts payable (AP) workflows and payments, which can leave businesses vulnerable to inefficiencies and fraud.\nThat\u2019s because manual and paper-based processes expose companies to risks such as invoice duplication, payment fraud and vendor impersonation. Paper-based systems also make it difficult to implement stringent security controls, while fragmented tech stacks may not offer effective safeguards.\nFraudsters \u201cwill call your back-office staff who are not trained in\u00a0payments\u00a0fraud prevention and try to communicate false information over the phone. And these staffers, they are great, smart, hardworking people, but they do not have the tools and that is why the fraudsters are attacking them,\u201d Ernest Rolfson, founder and CEO of\u00a0Finexio, told PYMNTS in an interview posted in July.\n\u201cFraud is the biggest and most important thing we hear from customers today in B2B payments \u2026 They want more automation, as much as possible, and they want no fraud,\u201d Rolfson added.\nRead also:\u00a0Unlocking the 3 Biggest Benefits of Automating Accounts Payable\nStrategies for Prevention and Risk Mitigation\nData shows the average enterprise receives half of its invoices on paper, with nearly four in 10 (38%) of payments being made manually. Against this backdrop, over a third of firms (36%) cite automating their AP function as a key priority.\nCompanies that rely on manual processes and systems that are prone to human error and offer limited visibility into transactions can find that they\u2019ve inadvertently made it easier for both external and internal fraudsters to exploit them.\n\u201cThe inflexibility of traditional systems and platforms have\u00a0prevented\u00a0lots of companies from moving forward and keeping up,\u201d\u00a0Boost Payment Solutions Chief Operating Officer\u00a0Illya Shell told PYMNTS.\nMany businesses, especially small- to medium-sized businesses, also operate with limited financial oversight, allowing fraudulent invoices to slip through the cracks.\nBut advances in digital payments technology, including automated invoicing and payment platforms with built-in fraud detection capabilities, can help reduce the risk of human error and flag suspicious transactions in real time. These systems offer greater visibility into the payment process and can quickly identify anomalies, such as changes to bank account details or unusual payment requests.\nUltimately, the human layer of defense, as emphasized by many of the\u00a0risk management leaders PYMNTS has spoken to, is increasingly critical in shrinking enterprise attack surfaces \u2014 making individual education around best practices crucial for a company\u2019s own\u00a0employees.\nDeveloping strong relationships with trusted vendors and suppliers can also help reduce the risk of fraudulent invoices. Businesses should verify vendor details before making payments and regularly review supplier contracts to ensure that services are being rendered as agreed.\nLooking ahead, as businesses invest in advanced technologies, strengthen internal policies and educate their employees on fraud risks, the future intersection of both payments automation and fraud prevention looks bright.\n\u201cThere are a lot of changes happening across a lot of outdated or antiquated industries. We\u2019re in a\u00a0good space right now to see a lot of change,\u201d\u00a0Priority Head of Commercial\u00a0Court Toomey told PYMNTS.\u00a0\u201cIt\u2019s ironic that\u00a0one of the areas for most companies that is the most outdated\u00a0are\u00a0their financial\u00a0tools,\u00a0when just a small investment from that same team can go a long way in improving efficiency and\u00a0also\u00a0cost savings.\u201d\nThe post Invoice Invasion: Defending the Finance Department From Hidden Fraud Risks appeared first on PYMNTS.com.", "date_published": "2024-09-17T19:13:25-04:00", "date_modified": "2024-09-17T19:13:25-04:00", "authors": [ { "name": "PYMNTS", "url": "https://www.pymnts.com/author/pymnts/", "avatar": "https://secure.gravatar.com/avatar/f05cc0fdcc9e387e4f3570c17158c503?s=512&d=blank&r=g" } ], "author": { "name": "PYMNTS", "url": "https://www.pymnts.com/author/pymnts/", "avatar": "https://secure.gravatar.com/avatar/f05cc0fdcc9e387e4f3570c17158c503?s=512&d=blank&r=g" }, "image": "https://www.pymnts.com/wp-content/uploads/2024/09/invoice-fraud-fraud-prevention-b2b-payments.png", "tags": [ "accounts payable", "B2B", "B2B Payments", "commercial payments", "Cybersecurity", "digital transformation", "fraud", "Fraud Prevention", "Invoice Fraud", "invoice payments", "News", "PYMNTS News", "Security & Fraud" ] }, { "id": "https://www.pymnts.com/?p=2100582", "url": "https://www.pymnts.com/news/security-and-risk/2024/oracle-launches-financial-crime-and-compliance-management-service/", "title": "Oracle Launches Financial Crime and Compliance Management Service", "content_html": "Oracle has launched a new service designed to help banks, FinTechs and other financial services companies identify potential financial crime and compliance issues and reduce compliance costs.
\nThe new Financial Crime and Compliance Management (FCCM) Monitor Cloud Service gives these organizations a holistic, centralized view of their FCCM efforts and provides granular reporting capabilities to help them demonstrate these efforts to regulators and other stakeholders, the company said in a Tuesday (Sept. 17) press release.
\n\u201cOracle Financial Crime and Compliance Management Monitor Cloud Service helps banks understand financial crime risk within their business so they can manage and report that risk more effectively,\u201d Jason Somrak, chief of product, financial crime and compliance at Oracle Financial Services, said in the release. \u201cWith the solution, they will be able to surface critical information and access deeper insights with much more granularity and preciseness.\u201d
\nThe FCCM Monitor Cloud Service provides chief anti-money laundering (AML) officers and their teams with a business analytics reporting system featuring a dashboard approach designed to meet their needs and access to key performance indicators (KPIs) and metrics, according to the release.
\nThe service offers interactive visualizations designed to convey information in the most compelling way for each audience; drill-down capabilities that provide more detailed data and deeper insights; data filters that enable focus on specific time periods, categories or other criteria; and report customization to meet specific requirements, per the release.
\n\u201cIt is critical for banks, FinTechs and other financial services companies to continue to improve their FCCM capabilities amidst ever-increasing sophistication in financial crime tactics, ongoing regulatory scrutiny and the rise in the overall volume of transactional data in digital banking,\u201d the release said.
\nSixty-two percent of all financial institutions said they experienced an increase in financial crime in 2022, according to the PYMNTS Intelligence and Featurespace collaboration, \u201cThe State of Fraud and Financial Crime in the U.S.\u201d
\nThe report also found that 66% of AML executives said complex regulatory requirements are a challenge, 58% said the sophistication of fraud schemes is a challenge in combating fraud, and 95% highly prioritize innovation in anti-fraud and anti-crime solutions.
\nThe post Oracle Launches Financial Crime and Compliance Management Service appeared first on PYMNTS.com.
\n", "content_text": "Oracle has launched a new service designed to help banks, FinTechs and other financial services companies identify potential financial crime and compliance issues and reduce compliance costs.\nThe new Financial Crime and Compliance Management (FCCM) Monitor Cloud Service gives these organizations a holistic, centralized view of their FCCM efforts and provides granular reporting capabilities to help them demonstrate these efforts to regulators and other stakeholders, the company said in a Tuesday (Sept. 17) press release.\n\u201cOracle Financial Crime and Compliance Management Monitor Cloud Service helps banks understand financial crime risk within their business so they can manage and report that risk more effectively,\u201d Jason Somrak, chief of product, financial crime and compliance at Oracle Financial Services, said in the release. \u201cWith the solution, they will be able to surface critical information and access deeper insights with much more granularity and preciseness.\u201d\nThe FCCM Monitor Cloud Service provides chief anti-money laundering (AML) officers and their teams with a business analytics reporting system featuring a dashboard approach designed to meet their needs and access to key performance indicators (KPIs) and metrics, according to the release.\nThe service offers interactive visualizations designed to convey information in the most compelling way for each audience; drill-down capabilities that provide more detailed data and deeper insights; data filters that enable focus on specific time periods, categories or other criteria; and report customization to meet specific requirements, per the release.\n\u201cIt is critical for banks, FinTechs and other financial services companies to continue to improve their FCCM capabilities amidst ever-increasing sophistication in financial crime tactics, ongoing regulatory scrutiny and the rise in the overall volume of transactional data in digital banking,\u201d the release said.\nSixty-two percent of all financial institutions said they experienced an increase in financial crime in 2022, according to the PYMNTS Intelligence and Featurespace collaboration, \u201cThe State of Fraud and Financial Crime in the U.S.\u201d\nThe report also found that 66% of AML executives said complex regulatory requirements are a challenge, 58% said the sophistication of fraud schemes is a challenge in combating fraud, and 95% highly prioritize innovation in anti-fraud and anti-crime solutions.\nThe post Oracle Launches Financial Crime and Compliance Management Service appeared first on PYMNTS.com.", "date_published": "2024-09-17T10:47:24-04:00", "date_modified": "2024-09-17T10:47:24-04:00", "authors": [ { "name": "PYMNTS", "url": "https://www.pymnts.com/author/pymnts/", "avatar": "https://secure.gravatar.com/avatar/f05cc0fdcc9e387e4f3570c17158c503?s=512&d=blank&r=g" } ], "author": { "name": "PYMNTS", "url": "https://www.pymnts.com/author/pymnts/", "avatar": "https://secure.gravatar.com/avatar/f05cc0fdcc9e387e4f3570c17158c503?s=512&d=blank&r=g" }, "image": "https://www.pymnts.com/wp-content/uploads/2024/05/Oracle-1.jpg", "tags": [ "AML", "Anti-Money Laundering", "banking", "Banks", "Financial Crime", "Financial Crime and Compliance Management", "FinTech", "fraud", "Fraud Prevention", "News", "oracle", "Oracle Financial Services", "PYMNTS News", "risk management", "Security", "What's Hot", "Security & Fraud" ] }, { "id": "https://www.pymnts.com/?p=2100055", "url": "https://www.pymnts.com/news/security-and-risk/2024/ftc-to-use-paypal-to-send-refunds-in-floatme-settlement/", "title": "FTC to Use PayPal to Send Refunds in FloatMe Settlement", "content_html": "The Federal Trade Commission (FTC) will begin sending refunded money via PayPal to consumers it said were harmed by online cash advance provider FloatMe.
\nConsumers who are eligible for a payment will receive an email between now and Friday (Sept. 20), the FTC plans to send PayPal payments on Sept. 23, and recipients should redeem their PayPal payment within 30 days, the FTC said in a Monday (Sept. 16) press release.
\nThe FTC uses a variety of payment methods to send refunded money to consumers, according to a frequently asked questions (FAQ) page on its website. Consumers can visit an FTC web page to see whether the refund program in which they are involved is sending checks, debit cards, Zelle payments or PayPal payments, according to the FAQ page.
\nIn the case of FloatMe, the refunds follow an action taken by the FTC in January, in which the regulator alleged that FloatMe promised quick and free cash advances to consumers who joined it service but then failed to deliver the promised advance amounts, charged fees to get the cash quickly, made it difficult to cancel subscriptions and discriminated against those who received public assistant, according to the release.
\nThe FTC\u2019s complaint also alleged that FloatMe made \u201cbaseless\u201d claims that an algorithm or other automated system would increase the cash advance limits offered to consumers, per the release.
\nFloatMe did not immediately reply to PYMNTS\u2019 request for comment.
\nThe FTC plans to send more than $2.6 million in refunds to 449,344 consumers who were FloatMe members and paid for instant cash advances, according to the release.
\nWhen announcing the charges and the terms of a settlement order, Samuel Levine, director of the FTC\u2019s Bureau of Consumer Protection, said in a Jan. 24 press release: \u201cFloatMe lured consumers in with false promises of free money advances, and then used dark patterns to make it difficult for consumers to cancel.\u201d
\n\u201cThe FTC will continue to hold companies accountable for unfair, deceptive and discriminatory credit practices, whether they call their products loans, advances, income-share agreements or something else,\u201d Levine said.
\nFTC lawsuits resulted in over $324 million in refunds to consumers in 2023.
\nThe post FTC to Use PayPal to Send Refunds in FloatMe Settlement appeared first on PYMNTS.com.
\n", "content_text": "The Federal Trade Commission (FTC) will begin sending refunded money via PayPal to consumers it said were harmed by online cash advance provider FloatMe.\nConsumers who are eligible for a payment will receive an email between now and Friday (Sept. 20), the FTC plans to send PayPal payments on Sept. 23, and recipients should redeem their PayPal payment within 30 days, the FTC said in a Monday (Sept. 16) press release.\nThe FTC uses a variety of payment methods to send refunded money to consumers, according to a frequently asked questions (FAQ) page on its website. Consumers can visit an FTC web page to see whether the refund program in which they are involved is sending checks, debit cards, Zelle payments or PayPal payments, according to the FAQ page.\nIn the case of FloatMe, the refunds follow an action taken by the FTC in January, in which the regulator alleged that FloatMe promised quick and free cash advances to consumers who joined it service but then failed to deliver the promised advance amounts, charged fees to get the cash quickly, made it difficult to cancel subscriptions and discriminated against those who received public assistant, according to the release.\nThe FTC\u2019s complaint also alleged that FloatMe made \u201cbaseless\u201d claims that an algorithm or other automated system would increase the cash advance limits offered to consumers, per the release.\nFloatMe did not immediately reply to PYMNTS\u2019 request for comment.\nThe FTC plans to send more than $2.6 million in refunds to 449,344 consumers who were FloatMe members and paid for instant cash advances, according to the release.\nWhen announcing the charges and the terms of a settlement order, Samuel Levine, director of the FTC\u2019s Bureau of Consumer Protection, said in a Jan. 24 press release: \u201cFloatMe lured consumers in with false promises of free money advances, and then used dark patterns to make it difficult for consumers to cancel.\u201d\n\u201cThe FTC will continue to hold companies accountable for unfair, deceptive and discriminatory credit practices, whether they call their products loans, advances, income-share agreements or something else,\u201d Levine said.\nFTC lawsuits resulted in over $324 million in refunds to consumers in 2023.\nThe post FTC to Use PayPal to Send Refunds in FloatMe Settlement appeared first on PYMNTS.com.", "date_published": "2024-09-16T14:41:26-04:00", "date_modified": "2024-09-16T14:41:26-04:00", "authors": [ { "name": "PYMNTS", "url": "https://www.pymnts.com/author/pymnts/", "avatar": "https://secure.gravatar.com/avatar/f05cc0fdcc9e387e4f3570c17158c503?s=512&d=blank&r=g" } ], "author": { "name": "PYMNTS", "url": "https://www.pymnts.com/author/pymnts/", "avatar": "https://secure.gravatar.com/avatar/f05cc0fdcc9e387e4f3570c17158c503?s=512&d=blank&r=g" }, "image": "https://www.pymnts.com/wp-content/uploads/2023/07/FTC-6.jpg", "tags": [ "Cash Advances", "Federal Trade Commission", "FloatMe", "FTC", "News", "PayPal", "PYMNTS News", "refunds", "regulations", "What's Hot", "Security & Fraud" ] }, { "id": "https://www.pymnts.com/?p=2098561", "url": "https://www.pymnts.com/news/security-and-risk/2024/mastercard-enhances-real-time-threat-visibility-with-recorded-future-purchase/", "title": "Mastercard Enhances Real-Time Threat Visibility With Recorded Future Purchase", "content_html": "Looking to expand security and threat intelligence beyond a completed transaction, Mastercard on Thursday (Sept. 12) announced it is acquiring Recorded Future for $2.7 billion.
\nAt a high level, Recorded Future analyzes a broad set of data sources to provide visibility into potential threats to help customers take action to prevent risks and create models that anticipate new attacks. The company boasts a roster of 1,900 clients internationally across 75 countries, including 45 governments, and counts more than half of the Fortune 500 companies as clients.
\n\u201cNo one wakes up in the morning and says: \u2018Today, I\u2019m going to use my payment card,\u2019\u201d Johan Gerber, executive vice president of security solutions at Mastercard, told PYMNTS after the announcement. \u201cIf you think about our hyperconnected and interdependent digital world \u2026 almost every day that goes by sees the expansion of the digital footprint. You wake up and you get a coffee, maybe you fill up your car \u2014 or you read something online, and your payment is integrated into the digital experience.\u201d
\nThat expansion has given rise to a continuum of activities that create commerce ecosystems, tied to ubiquitous mobile devices where payments are in the background. That means the fraud and attack vectors are also expanding. Fraudsters are swarming everything from account openings to how and when consumers use apps, and where their credentials are stored.
\nAlong the way, Gerber said, the lines between cybercrime and fraud are collapsing, as stolen credentials are harvested when a website is breached. The stolen credentials are used for scams and social engineering, and card and other types of fraud are rampant.
\nAccording to Gerber, the key to safeguarding trust in the future of the rapidly expanding digital environment lies in thinking about security and real-time visibility into the digital economy well beyond the payment itself.
\nGerber said one of the attractions of the acquisition is the insight into consumer behaviors and potential threats that Recorded Future will bring.
\n\u201cBy the time you get to the payment, you\u2019re almost at the last part of that digital interaction you\u2019re having as a consumer,\u201d Gerber said. \u201cSo for us to go beyond the payment really means in this specific instance, how do we look broadly across the entire digital interaction rather than specifically the payment. Now, if you think about the services that Mastercard offers today, we often talk about things that we do before the transaction, like account opening, biometrics authentication and so forth.\u201d
\n\u201cWe will continue to operate as the same company, but now with a new owner and an even greater capacity to scale,\u201d said Recorded Future CEO Christopher Ahlberg in a blog post. \u201cAs an independent subsidiary of Mastercard, we will leverage advanced AI tools and techniques to deliver threat intelligence on a global scale, empowering our analysts and clients to better protect their organizations.\u201d
\nThe payments network has made billions of dollars worth of acquisitions through the years.
\nWithin the security solutions segment of Mastercard, key focal points center on examining and protecting digital identities, protecting transactions and using insights from 143 billion annual payments to fashion real-time intelligence that can be used by merchants and FIs to anticipate new threats.
\nBy way of example, the firm acquired Ekarta in 2021 to score transactions for the likelihood of fraud through robust identity verification. All told, Mastercard has invested more than $7 billion over the past five years in its efforts to protect the digital economy.
\nArtificial intelligence (AI) is a key ingredient here, and Gerber detailed to PYMNTS that the company has been a pioneer in harnessing generative AI to extract trends from huge swaths of data to create \u201cidentity graphs\u201d that provide immediate value to any merchant or FI that wants to understand more about the individuals that\u2019s interacting with them in the digital realm.
\nThe use of other \u201cintelligence graphs\u201d connects the dots across data points to turn threat-related data into actionable insights.
\n\u201cWe already see a tremendous number of attacks and different attack vectors that we can combine with what Recorded Future sees, which means the inputs can help Mastercard clients, including governments, insurance companies, manufacturers\u201d and critical infrastructure providers, Gerber said.
\nThe new acquisition, he said, will complement and strengthen Mastercard\u2019s efforts to combat card-related fraud, scams and account-to-account fraud across the globe.
\n\u201cThis is a real investment in safeguarding trust,\u201d he told PYMNTS, \u201cso that consumers can go about their business with ease \u2026 the digital ecosystem just continues to grow, and so this will be a very important part of the defenses that we have in place to secure the future.\u201d
\nThe post Mastercard Enhances Real-Time Threat Visibility With Recorded Future Purchase appeared first on PYMNTS.com.
\n", "content_text": "Looking to expand security and threat intelligence beyond a completed transaction, Mastercard on Thursday (Sept. 12) announced it is acquiring Recorded Future for $2.7 billion.\nAt a high level, Recorded Future analyzes a broad set of data sources to provide visibility into potential threats to help customers take action to prevent risks and create models that anticipate new attacks. The company boasts a roster of 1,900 clients internationally across 75 countries, including 45 governments, and counts more than half of the Fortune 500 companies as clients.\n\u201cNo one wakes up in the morning and says: \u2018Today, I\u2019m going to use my payment card,\u2019\u201d Johan Gerber, executive vice president of security solutions at Mastercard, told PYMNTS after the announcement. \u201cIf you think about our hyperconnected and interdependent digital world \u2026 almost every day that goes by sees the expansion of the digital footprint. You wake up and you get a coffee, maybe you fill up your car \u2014 or you read something online, and your payment is integrated into the digital experience.\u201d\nThat expansion has given rise to a continuum of activities that create commerce ecosystems, tied to ubiquitous mobile devices where payments are in the background. That means the fraud and attack vectors are also expanding. Fraudsters are swarming everything from account openings to how and when consumers use apps, and where their credentials are stored.\nAlong the way, Gerber said, the lines between cybercrime and fraud are collapsing, as stolen credentials are harvested when a website is breached. The stolen credentials are used for scams and social engineering, and card and other types of fraud are rampant.\nAccording to Gerber, the key to safeguarding trust in the future of the rapidly expanding digital environment lies in thinking about security and real-time visibility into the digital economy well beyond the payment itself.\nGerber said one of the attractions of the acquisition is the insight into consumer behaviors and potential threats that Recorded Future will bring.\n\u201cBy the time you get to the payment, you\u2019re almost at the last part of that digital interaction you\u2019re having as a consumer,\u201d Gerber said. \u201cSo for us to go beyond the payment really means in this specific instance, how do we look broadly across the entire digital interaction rather than specifically the payment. Now, if you think about the services that Mastercard offers today, we often talk about things that we do before the transaction, like account opening, biometrics authentication and so forth.\u201d\n\u201cWe will continue to operate as the same company, but now with a new owner and an even greater capacity to scale,\u201d said Recorded Future CEO Christopher Ahlberg in a blog post. \u201cAs an independent subsidiary of Mastercard, we will leverage advanced AI tools and techniques to deliver threat intelligence on a global scale, empowering our analysts and clients to better protect their organizations.\u201d\nThe payments network has made billions of dollars worth of acquisitions through the years.\nWithin the security solutions segment of Mastercard, key focal points center on examining and protecting digital identities, protecting transactions and using insights from 143 billion annual payments to fashion real-time intelligence that can be used by merchants and FIs to anticipate new threats.\nBy way of example, the firm acquired Ekarta in 2021 to score transactions for the likelihood of fraud through robust identity verification. All told, Mastercard has invested more than $7 billion over the past five years in its efforts to protect the digital economy.\nArtificial intelligence (AI) is a key ingredient here, and Gerber detailed to PYMNTS that the company has been a pioneer in harnessing generative AI to extract trends from huge swaths of data to create \u201cidentity graphs\u201d that provide immediate value to any merchant or FI that wants to understand more about the individuals that\u2019s interacting with them in the digital realm.\nThe use of other \u201cintelligence graphs\u201d connects the dots across data points to turn threat-related data into actionable insights.\n\u201cWe already see a tremendous number of attacks and different attack vectors that we can combine with what Recorded Future sees, which means the inputs can help Mastercard clients, including governments, insurance companies, manufacturers\u201d and critical infrastructure providers, Gerber said.\nThe new acquisition, he said, will complement and strengthen Mastercard\u2019s efforts to combat card-related fraud, scams and account-to-account fraud across the globe.\n\u201cThis is a real investment in safeguarding trust,\u201d he told PYMNTS, \u201cso that consumers can go about their business with ease \u2026 the digital ecosystem just continues to grow, and so this will be a very important part of the defenses that we have in place to secure the future.\u201d\nThe post Mastercard Enhances Real-Time Threat Visibility With Recorded Future Purchase appeared first on PYMNTS.com.", "date_published": "2024-09-13T04:01:43-04:00", "date_modified": "2024-09-12T21:35:28-04:00", "authors": [ { "name": "PYMNTS", "url": "https://www.pymnts.com/author/pymnts/", "avatar": "https://secure.gravatar.com/avatar/f05cc0fdcc9e387e4f3570c17158c503?s=512&d=blank&r=g" } ], "author": { "name": "PYMNTS", "url": "https://www.pymnts.com/author/pymnts/", "avatar": "https://secure.gravatar.com/avatar/f05cc0fdcc9e387e4f3570c17158c503?s=512&d=blank&r=g" }, "image": "https://www.pymnts.com/wp-content/uploads/2024/09/Mastercard-recorded-future.jpg", "tags": [ "acquisitions", "Christopher Ahlberg", "Cybersecurity", "digital transformation", "Featured News", "fraud", "fraud detection", "Fraud Prevention", "Johan Gerber", "MasterCard", "News", "PYMNTS News", "pymnts tv", "Recorded Future", "Security", "video", "Security & Fraud" ] } ] }