Month: March 2018

Not all fraud is blatantly obvious – or even intentional. Having safeguards in place to catch inconsistencies and deter theft is the best way to protect your business.

When most people think about business fraud, their minds immediately jump to big corporations, greedy C-level employees, and complicated schemes. The truth is, however, most business fraud doesn’t make national news, and doesn’t impact big businesses. It frequently happens on a smaller scale to smaller businesses, and quite often when employees are involved, it’s not even intentional on their part.

Cybercrime still relies heavily on social engineering tactics, smoothly tricking employees into becoming unwitting accomplices – often without them or anyone else being any the wiser until it’s too late. Scammers looking to steal funds rather than data have a series of tried and true methods of getting the access they need, and without checks and balances in place to verify that money and information is coming and going only as it should, they can succeed more often than not.

Making changes to the way your business deals with these 8 areas of your operations can help to catch unauthorized transactions and uncover suspicious activity – both within your organization and from exterior sources.

Cash Flow and Bank Statements

Placing a single employee — one who IS NOT authorized to make or approve monetary transactions of any kind — in charge of opening bank and credit card statements and reviewing signed checks, purchase orders, and expense reports and reimbursement requests is a simple way to catch fishy transactions. Have statements delivered to this employee unopened, guaranteeing they’ll be the first person to see them. This will stop employees from trying to cover their tracks, either with malicious intent or because they’re trying to hide a mistake.

Making it mandatory for any employee with spending or purchasing power to pass a background check and a credit check is also a smart idea.

Payments and Purchases

Depending on the size of your team and whether or not you have multiple offices, designating a single person – preferably the owner, CEO, or CFO – to sign checks and authorize payments and purchase orders will cut down on the number of people able to access your business’ funds. Have your accounting department filter all of their requests through this single individual, and require their permission to process any form of payment or money transfer.

With a single person keeping tabs on the money flowing in and out of your accounts, it’s easier to spot phishing attempts that use spoofed emails to request money be moved to a fictitious account that supposedly belongs to a partner or client.

Vendors

Ensure that only management has the ability to add new vendors to your system. Not only is a phony vendor a common way for an employee to skim funds undetected, it’s also possible for a hacker who has quietly gained access to your network to do so as well. Every new vendor should be thoroughly vetted by the business owner before any information is shared with them, or any money changes hands.

Payroll and Employees

As with vendors, a phony employee tacked onto the payroll is an easy way for a hacker to steal funds without raising suspicion. A fake employee scam is much harder to pull off when you have a small team working in a central office, but if your business relies on remote employees or contractors, it’s crucial that only the business owner be able to approve names added to the payroll.

All paychecks should be reviewed and signed off on by a single person — again, ideally the owner or CFO — and any requests for vacation pay, bonuses, raises, or other payouts submitted by HR or Accounting need to be approved by that same person.

Subcontractors

When working with an outside company – such as an IT provider – either for a specific project or as part of an ongoing agreement, it’s critical that you take the time to verify they are a legitimate company. Monthly payments or ongoing expenses should be reviewed thoroughly before any payouts are approved. If a project is over budget or new expenses have been added to an existing agreement, speak with your subcontractor right away to verify that these additional charges are coming from them – and with good reason.

Policies and Procedures

The only thing more important than having policies and procedures in place that dictate when and how purchases and payments can be approved is how well they’re enforced. Having a zero-exceptions rule in place for all employees, regardless of their position within the company, can help keep unauthorized transactions from slipping through the cracks. If you get into the habit of shrugging off unusual payments by assuming someone who works closely with the boss or CFO put them through without prior authorization, a hacker or scammer can easily slip a phony request for funds into the right inbox and get away with a theft undetected.

Inventory

While much less common than phishing emails asking for funds to be transferred, your inventory system can still pose a risk to your business where theft and fraud are concerned. Much like with phony vendors or employees, it’s much more likely that someone inside your business would intentionally alter or falsify inventory reports for financial gain. That being said, it’s still possible for a hacker who has access to your network to use your inventory system to profit from your business.

Having a single employee who isn’t authorized to approve purchases or payments to verify that inventory counts are accurate and purchase requests are legitimate can catch discrepancies that can lead to a financial loss for your business.

Creating a system of accountability and oversight can spot suspicious activity throughout your organization. This type of system, paired with up-to-date and properly managed and maintained network security measures, can protect your business against the financial and reputational damage of theft and fraud – whatever the source may be.

You May Be Sabotaging Yourself!

This latest cyber-attack uses Windows Installer to download malware onto your computers. What is CVE-2017-11882, and what does it do? How should you detect and protect against it? What other similar malware attacks have come up in the past? These are all questions you should be asking yourself in order to develop the best defense against this type of attack.

It seems like just when we’ve learned how to protect against one type of malware, four others pop up. Recently, Microsoft began combating CVE-2017-11882, which exploited a vulnerability in Microsoft Office. Then, just as expected, as one weakness was fought, a new one popped up. CVE-2017-11882 exploited a new vulnerability within the Windows Installer.

The previous version of CVE-2017-11882

The previous version would exploit the vulnerability using windows executable msht.exe, and then run a PowerShell script which would download and execute the payload. The problem with this is that while previous versions have edited Microsoft Installer, this version doesn’t edit it. What it actually does is use Microsoft Installer for the exact purpose that it was built for, to install things. Only this time it forces it to install malicious programs on your computer.

The new attack uses msiexec.exe as part of the Windows Installer service. For example, the user could receive an email with an attachment. Since the attachment seems legitimate, the user opens and begins downloading it. This attachment installs a malicious MSI package through the use of CVE-2017-11882. This then, in turn, releases either an MSIL or a Delphi binary. This binary will then launch another instance of itself. This duplicate binary is then hollowed out to create a new home for the new malware payload.

How does CVE-2017-11882 go undetected?

This package provides a compression layer that file scan engines need to process and enumerate in order to detect the file as malicious. This is similar to movies where the complicated retina scan needs is needed to gain access to a specific area of the building, yet the spy is still able to get in, due to his fancy contact lens. The system scans the lens and thinks that he is an authorized user, and allows him passage. Similarly, because of this compressed file mask of sorts, it’s hard to detect and identify the actual payload since it is contained in the heavily obfuscated MSIL or Delphi binary.

What can we do to protect against CVE-2017-11882?

Sometimes there are simple solutions to significant problems. For example, one of the easiest ways in which you can defend yourself and your business from CVE-2017-11882 is by having a strong email policy for your company. You should use strong passwords, with both capital and lowercase letters, as well as some symbols. You should never write passwords down, or use the same password for multiple accounts. Doing so can result in a hacker not only having access to your email but also to any and all accounts. Also, you should change your passwords often; it is recommended to change them every two months. This way you can stay ahead of the hackers before they have an opportunity to figure out your password, you will have already changed it.

Email and Passwords

Besides password strength, you should also focus on training employees about the dangers of email attacks, such as those that use the Microsoft Installer. It’s vital that they are trained not to click or open any suspicious emails. For example, employees should be trained to recognize phishing emails that may carry malware, and also to know how to isolate and flag these emails. This way other employees are immediately notified of the email, and won’t themselves fall victim. Employees should always check emails and names of unknown senders to ensure they are legitimate. They should always look for inconsistencies or style red flags such as grammar mistakes, capital letters, or excessive use of punctuation.

Restrict or disable Windows Installer

A second way to protect yourself is by limiting or completely disabling the Windows Installer itself. This would prevent potential attackers from being able to install their malicious software on your user’s systems. This way, only the system administrator could install programs. Controlling the access and spread of these attacks can significantly help your company to protect itself. Rather than trying to put out fires all over the place, you can then focus on one area and defend it appropriately.

Microsoft Recommendations

Microsoft recommends that if you think that you are infected with this malware, you should use your security software to detect and remove the threat. Remember to use appropriate software based on which operating system you are using. Microsoft states that Windows Defender works best for Windows 10 to detect and remove this malware. Microsoft Security Essentials works for Windows 7 and Windows Vista and has the appropriate defense and removal for this malware. After detection and removal, you should update your software to further protect yourself from future exploits.

Similar previous attacks

Attacks like this are not rare in the least. For example, in November of 2017, there was also a vulnerability in Microsoft Office 2000. This flaw allowed hackers to install malware without user interaction. So, while you were just writing a report in Microsoft Word, hackers were downloading malicious malware into your computer without your knowledge or permission. This could easily be fixed by updating software, such as using only the most recent form of Microsoft Office, so that your computers and networks are protected against the latest of threats.

We should stay vigilant, to protect our network and our businesses. Knowing what is out there and what can wreak havoc on your business is half the battle. The other half is updating your staff and your software to ensure that you are providing the most vigorous defense possible. Look for vulnerabilities in your system and business. Additionally, it is crucial to stay up to date with the latest cyber-attack news. This will keep you in the know as far as what is out there, and what potential threats can affect your business.

 

Nobody likes doing taxes, but everyone has to. Make sure you know when you and your company need to file them this year.

For individual taxpayers, the tax due date is usually the same each year: April 15th. The only exception is when April 15th falls on a weekend. Then, the IRS typically extends the due date to April 16th or 17th. The same is true for those filing an extension. Extensions are due on October 15th unless that date falls on the weekend. Then it is usually extended to October 16th or 17th. This rule also pertains to holidays. If the filing date falls on a holiday, then everyone gets an extra day or two to file.

Rules for Filing Dates for Business Owners

For business owners, the filing dates are not that simple unless your business is a sole proprietorship or single member LLC. Those filers typically must use the same dates as individual taxpayers. However, business owners may be required to file on other dates depending on several factors.

For business owners, the filing date is affected by what type of business entity it is. That’s because the type of business entity determines the company’s fiscal year. If your business is an S Corporation or an LLC, it is considered a flow-through entity and the taxes are due on the fifteenth day of the third month of the fiscal year, which is commonly March 15th (or March 16th or 17th if there’s a holiday or weekend involved).

The filing date for extensions for an LLC and S Corporation is September 15th, unless that date falls on a weekend or holiday. Then it might be extended to the 16th or 17th.

Partnerships

The tax return for a partnership should be filed on the 15^th day of the 3^rd month following the end of the company’s tax year. For example, if year-end for your business is December 31^st, then the due date for tax filing is March 15^th. Remember that these dates will change if the filing date falls on a weekend or holiday. March 15^th (16^th or 17^th) is also the date when the individual partners should receive their Schedule K-1. This document shows each partner’s individual share of income or loss. Partners must have this document in order to file their individual tax returns, which would be due approximately one month later.

Limited Liability Company (LLC) with Multiple Members

Multiple-member LLCs may be taxed as partnerships in some states. If this is true where you live, then the filing dates remain the same as for a partnership. The date for distributing Schedule K-1 to the partners is the same as well or March 15^th.

If the LLC ceases to exist, whether the company goes out of business or is moved into a C Corp, it’s important to file a short tax return right away. In most cases, the partners only have three and a half months to file this return. If partners fail to do this, the IRS may charge additional monthly penalties on top of regular tax liability.

In situations where a multiple-member LLC is taxed as an S corporation or regular corporation, the following rules apply:

• Choose the most convenient filing date for your corporation. The only requirement is that owners have not filed a Subchapter S election. Quarter end dates are typically chosen.
• Corporate tax returns are due and payable on the 15^th day of the fourth month following the company’s fiscal year.
• For a Subchapter S Corporation, taxes should be filed on the same filing date as the individual owner’s personal tax return. The Schedule K-1 shows the individual income for each owner. S Corporations are most often filed using a calendar end date of December 31^st unless the corporation can show a valid reason for changing the date.

Charitable Organizations & Nonprofits

Charitable organizations and other nonprofits must file their taxes on the 15^th day of the fifth month after the end of the organization’s fiscal year. In most cases, these organizations must file their taxes by May 15^th. Charitable organizations only qualify for three-month extensions instead of six months. So, extensions would be due by August 15^th.

Tips for Success

Learning the correct tax dates for filing is one of the big challenges for new business owners. Since the penalties can be exorbitant, many tax experts recommend setting up a tax calendar for your business. You can learn the dates by going online or speaking with an accountant. Some people prefer setting up an actual calendar with the dates circled that they can place somewhere in their office. Others prefer setting up a digital calendar using an app or Google.

This can prevent you from worrying about whether you’ve got some type of quarterly filing coming up soon. Business owners certainly have enough to worry about so solving an important issue like tax filings will relieve some of that stress. After you’ve got your tax calendar set up, ask someone in the know to check it over for you and make sure everything is correct.

Penalties & Interest

Filing your taxes on time and correctly is important for both individuals and companies. If you miss a filing date, penalties and interest begin to accrue immediately. The IRS will make no exceptions to these rules. That’s why it’s so important to know when to file and what forms you should file. If you aren’t confident in your ability to file a business tax return, hire a professional. Because of their expertise and experience, an accountant can often save you more than enough money to pay for their services.

Even if you have a professional accounting service doing your taxes for you, it can be a good idea to double check and make sure everything was filed on time each quarter and year-end. Most accountants will not only notify you, but they will send you copies of what they filed on your behalf.

Remember that filing an extension does give you extra time to pay, but it does not stop interest and fees from accruing.

Reducing your Tax Burden with the Right Strategy

There are so many ways to reduce your tax obligation. All it takes is a bit of strategy and planning. An accountant can recommend the best options to help your business take advantage of perfectly legal strategies. For instance, a 401k can be set up for small business investments, real estate, and hard-money lending. This can allow your company to defer taxes on profits.

Your company can make investments in automobiles, property and other big-ticket items. It can also purchase rental property. In many cases, those with rental property can show losses throughout the year due to property maintenance, interest and other charges. Many company owners hire their spouse and/or children. Though they will need to be assigned an actual job with weekly duties, this can be a powerful tax saving tool.

There are so many other ways for businesses to save money on their taxes each year. Don’t be afraid to discuss every legitimate method with your accountant.