Mayhall Fondren Blaize

Companies, business law attorneys work to stifle data theft scams

Louisiana businesses are in the tax season when they must prepare and provide W-2 forms to employees. This is a process that must be meticulously monitored and restricted by company protocols to prevent theft of the data from these forms. Hackers use techniques of what in business law is called social engineering to defraud businesses into turning over the data from W-2 forms. They can then file bogus tax returns and fraudulently obtain tax refunds.

These techniques are used for other identity fraud purposes in addition to filing bogus tax returns. One principle of social engineering is based on the hackers getting the confidence of one or more key players in the company. They may use the information derived from the  relationship to launch email phishing scams, bogus invoices or interactive voice response messaging schemes to obtain confidential client data. Once this happens, the company will of course face lawsuits and possible class actions by disgruntled customers.

Such data may include names, addresses, credit card information and other personal identifiers. Fortunately, companies can plan to prevent the success of these fraudulent scams. Training and education of personnel is the first place to start. A knowledgeable employee who is looking out for the warning signs of a cyber attack can react quickly and effectively.

Caution should be used in opening suspicious or unsolicited emails, especially from unknown parties. Internal procedures can be established to require dual signatures and approvals of any tasks that involve release of vital data. A company may also set up a protected internal email system that will have safeguards from allowing entrance to rogue senders.

In addition, Louisiana businesses may purchase crime and cyber protection insurance that will pay some or all of the damages incurred. These are highly specific policies that must be studied and reviewed to determine the exclusions and whether the protection is worth the cost. The company will want to first put in place the foregoing training and internal protective protocols prior to purchasing insurance. Consultation with a business law attorney is always an added protection and can  assure that all products and measures adopted are being handled legally and appropriately.

Source: insurancenewsnet.com, "Insuring Your Business Against Social Engineering Fraud", March 12, 2018

No Comments

Leave a comment
Comment Information