Intro to Account Takeover Attacks

toronto-corporate-private-investigations

Organized crime has taken over the internet in recent years. Any web-based account that deals with finances, gaming, retail and other consumer-facing services are under threat of attack from bot armies that are used by unscrupulous individuals.

Cyber criminals have made a very lucrative business out of Account Takeover attacks (ATO attacks) by selling the data from compromised accounts to fraudsters who, in turn, use it to commit cyber crimes that take advantage of mobile games, reward programs, financial services, retail services, and any other web-based service for consumers. It is predicted that there will be a huge spike in ATO attacks this year because of the massive number of data breach in 2015.

ATO attacks are dangerous because the accounts used were created by real users. Mass-registered fake accounts do not contain sensitive personal information but these accounts do, which makes them less suspicious from a security standpoint and therefore they are used to bypass security measures once they get sold to the underground market.

The types of financially motivated downstream attacks that uses taken over accounts are:

Spam

A service feature that accepts content from registered users is vulnerable to an attack by a taken over account. Attacks like this are usually done to askew ratings and degrade platform integrity.

Virtual Currency Fraud

Points from promotions, in-game virtual items, and promotional credits are harvested for real world cashing-in.

Financial Fraud

E-commerce or financial services that store member’s banking details are the targets. The Account takeover attack is performed by making unauthorized withdrawals from credit cards, debit cards, and bank accounts on file.

Phishing

In phishing, the attackers usually use a compromised account to launch phishing attacks within that account’s known contacts to steal their personal information, credentials, or sensitive data as well.

The ATO Army

Those performing account takeovers these days are often organized crime rings that have access to a huge number of bots that they can use to try to crack passwords. One data security company reported discovering an attack at a known retailer website with more than 300,000 failed log-in attempts from only a handful of locations.

Although the success rate was only 8%, it is still chilling how cyber criminals managed to use accounts that are fully registered and are from real people who have no idea that their accounts has been taken over.  What is even more chilling is that the credit card numbers on file were also attempted to be validated by the cyber criminals by using the data on the users’ profile pages.

User accounts that have been taken over are exploited by the fraudsters are not the only ones that are going to suffer from an ATO attack. Brands that have fallen victim will also have to deal with harmful effects on their reputation, something that will have a more long-term effect.

Need help getting your account back, investigating a case of ATO attack, or wanting to devise a plan to prevent a future attack? Then have a chat with your Toronto private investigators. Contact us for an initial consultation today!

3 Questions All Background Checks Should Answer

toronto-private-investigations

Background checks can also be as simple as those offered in $10 internet site, a bit more involved as the typical pre-employment ones, and as complex, thorough, and expensive as those performed by government agencies. It is entirely up to you to choose which type would suit your needs. Just keep in mind that matter what type of background check you go for, it should answer the 3 questions below.

Was the person involved in any types of serious issues in the past?

Not everyone is an axe murderer, but it will be a lot safer for you to deal or work with someone who has not been convicted or charged with serious crimes in the past.

Background investigations can turn up records of minor run-ins with law such as indecent exposure, petty theft, drug possession, or juvenile delinquency, but it can also turn up a history of very serious offenses such as rape, homicide, assault, larceny, or grand theft. Though it is true that people can turn their lives for the better after being charged or convicted of these crimes, you will be surprised that quite a number are actually repeat offenders!

It should be noted that while some low-cost background checks can provide you with some data on criminal records, their access is often limited and will often not include recent cases.

Is the person saying the truth about who they are?

With identity theft increasingly becoming common these days, you will surely want to make sure that the person’s name, address history, birth date, and other important details truly match the person they claim to be. This is one way you can be sure that who you are dealing with is not a con artist.

Aside from the basic personal details, other details you may want to verify are education history, professional licensing, and employment history. Lies about these details red flags in any type of relationship, professional or romantic ones.

Is there an issue that the person is a ticking time bomb who manifests warning signs of future problems or exhibits any other character issue?

Issues like being involved in various lawsuits, history of financial troubles, a lifestyle that does not match with their means, repeated DUI offences, or getting fired again and again are all warning signs that the person could be more trouble than you are ready for.

We are not saying that you can’t give someone a chance to prove themselves first, but we do believe that knowledge is power. Access to information that is not publicly available can be provided by seasoned private investigators and can save you money, time, and heartache down the road. Although background checks cannot give you the full 100% answers to the questions above, a legitimate background check can at least provide you with much-needed information to enable you to make smart critical decisions that can affect your life, family, or company in the future.

Looking for a Toronto private investigator to help you with some background checks? Take a look at our private investigation services and see which one will suit your needs. We welcome questions and inquiries. Contact us today!

 

Hot Tips for Preventing Data Theft

business-fraud

In this information age, your data is worth its bytes in gold. In a 2015 Cost of Data Breach Study conducted by IBM, the average cost of a data breach in 2015 is $3.8 million! That’s a 23% increase over the results of the 2013 study and shows just how important it is more than ever to protect your data from thieves and criminals. Below are some expert tips on keeping your business’ sensitive data away from thieves.

Manage Data Storage and Access Properly

  1. Lock Away Paper Files or Abolish Paper Files Altogether

Your paper files are not safe even when they’re not the most updated reports you have. When your paper files are no longer needed, it’s best to shred them as soon as possible. The must-shred paper list includes extra boarding passes, luggage tags, credit offers, trip itineraries, vendor payment stubs and invoices, canceled checks, and price lists.

  1. Implement Data Privacy Controls in All Aspects

If you used contractors and third parties, they must have the same level of strict data control that you have. It helps to audit them using your own standards.

  1. Limit Access to Sensitive Data

If someone has no need to know something, then that person should not have access to that information to begin with. This prevents your data getting compromised in case of a security breach.

  1. Assess What Needs to be Protected

Different businesses have different needs and thus, will need different levels of data protection. Hiring an outside expert to help you audit your current protocol and assess your weaknesses. Clients and customers tend to trust businesses that have undergone outside data assessment.

Upgrade Your Technology

  1. Protect all Electronic Devices and Computers

Use passwords so you can easily wipe your data remotely if your gadget gets compromised.

  1. Enable or Install a Firewall

This prevents outsiders from getting access to your computer network.

  1. Encrypt Your Data

Using encryption for sensitive information protects them and should be installed on company-owned devices.

  1. Safeguard Your Wireless Network

Having a strong password and encryption prevents outsiders to see your network and hop on to it.

  1. Activate 2FA

Two-factor authentication is your extra layer of protection. Thieves can guess passwords, no matter how secure you think they are.

  1. Use Internet Proxy

If you’re using free internet at a café or an airport, other people can sniff out your traffic. Proxy services can prevent that from happening.

  1. Limit Movement of Personal Information

Information should not be transferred to a portable medium. Access should be in-house.

  1. Install Anti-Spyware and Anti-Virus

And don’t use free security software because they don’t often provide enough security. Make sure that your anti-spyware and anti-virus are updated regularly as well.

  1. Be Extra Vigilant in Protecting Sensitive Data

Regularly remove personal information from online databases, more so if no longer needed.

Get Your People Involved in Data Protection

  1. Make Strong Passwords a Requirement

More than 70% of all breaches are because of bad password choices or just poor management of passwords. The more complicated a password is, the better.

  1. Implement A ‘Clean Desk’ Policy

No papers should be on anyone’s desk or workstation if an employee is not there. Every desk should have a lockable drawer.

  1. Have Policies for Personal Devices

Company computers should be on a different network that’s open to outsiders and/or personal devices. Malware-infected personal devices can steal corporate information if connected to the same network.

  1. Have Social Media Policies

Have a restriction list of what can be shared and not shared via social media. Even an innocent brunch meeting posted on social media can cost you money if that meeting isn’t supposed to be known publicly.

  1. Train Employees to Recognize Smishing and Phishing

Outsiders will use social engineering techniques to gain access to your information. Some will use link baits and some will use programs that your employees can unwittingly download and infect your computers.

  1. Know That Mistakes Are Totally Normal

Wrong people can have access to certain files because of human error. The best thing you can do is enforce limits so that breaches and mistakes are kept nearly non-existent.

  1. Treat Your Employees Right

Angry or unhappy employees can be your most serious vulnerability because unhappy people get emotional and might do things that they’ll regret later on. Treating your employees with respect will minimize the likelihood of something like this from occurring.

Need expert help for preventing data theft in your business? Risk assessment and management are just some of our services! Consult with Toronto’s premier private investigators and don’t be left behind. Contact us today!

Short-Term Rental Scam on the Rise?

toronto-fraud-investigators

If you’re a frequent traveler or planning to go on a trip, then you’ve probably heard or perhaps have used online home-sharing portals such as HomeAway, Airbnb, and VRBO. These online home-sharing portals are changing the way people travel and find accommodations and with that change, is the increasing number of fraudsters who victimize people opting for hotel alternatives.

Short-term rental scams usually target travelers who are looking for a great deal. The most common short-term rental scam involves booking a short-term rental place online, being asked to pay in full, and then finding out later on that the place you’ve rented does not even exist. That’s the advance-fee scheme. There’s actually quite a few schemes that are being constantly used by short-term lease fraudsters, and it would not hurt to learn more about them below:

Hit and Run

The fraudster basically just takes your money and runs in this scheme, just like in advance fee scheme. You’re lured in by a fake listing through a website that is using either stolen photos or misrepresented ones. The address is either fake or could be real, but there is no property to rent. Once you’ve wired or transferred the money, the scammer simply stops replying or might even pick you up, get your money and then drop you off at the site only for you to find out later that the real owners are not renting their place out.

Bait and Switch

In this scheme, the fraudster would show you beautiful properties (that are not even available) only to inform you in the last minute that what they have available is a less-desirable property because they’ve accidentally double-booked their place. You’ll be forced to stay at the less-desirable property thinking that you’re still lucky to get short notice accommodations while the fraudsters still make a profit.

Price Jacking

This scheme is similar to bait and switch in the sense that the renter still gets accommodations but the terms are not as previously agreed.

Phish and Hack

The fraudster hacks the real rental property’s owner’s email address and phishes travelers by using deceptive emails that place them as the owners. This way, the fraudster will be able to collect payments.

Protecting Yourself

Because it is nearly break and vacation season, scams like these will be at their peak again. If you’re a renter or someone who is in the short-term rental business or a participant in the home-sharing economy, you will want to be able to protect yourself. You can do so by looking out for red flags such as:

  • Emails with bad grammar. Real management companies and property owners will not send emails nor maintain websites that are teeming with bad grammar.
  • Mode of payment is strictly Moneygram or Western Union. Most managers and owners would have another option to pay through a more secure means such as Paypal or via credit card.

As for more proactive means of avoiding short-term rental scams, you can protect yourself by communicating via phone or via Skype call. This allows you to ask questions as well as ask for references without the possible scammer being able to give excuses after excuses.

If you work in the business or work with people who are part of the home-sharing economy, feel free to share this article to help with spreading awareness about these types of scams. Fraud prevention is everyone’s business because every case of fraud affects each of us in some way. Do not hesitate to contact our team of private investigators in Toronto if you need more help.

 

5 Ways to Minimize Workplace Harassment and Discrimination

workplace-harassment

Workplace harassment and discrimination are more common than you think. In some instances, employees may be able to report the incident but more often than not, they are reluctant to report incidents for fear of retaliation or that they will be singled-out. As an employer, it is your duty to provide a safe and comfortable working environment for your employees – that’s something that you can only do when you’re aware of incidents and promptly act on them.

Recognize When Harassment and Discrimination Occurs

Your commitment to company policies and productivity is reflected in how effective you are in recognizing signs of workplace harassment and discrimination. Does a particular area have an unusually high turnover rate? Can you spot distressed employees and get them to tell you what’s causing their distress?

Be Able to Communicate with Employees

Regular communication allows you and your managers to recognize early on when someone is not acting the same way. An employee that’s usually open and talkative and then suddenly becomes reclusive is a sign that’s something is wrong. This could be about a personal issue but could be a sign that the change was brought upon by something in the workplace if actions are prolonged. When you encourage open communication, your employees will be more comfortable about discussing sensitive topics that will help you come to a solution if the problem is within your company.

Observe the Workplace

By simply asking questions and making yourself available for communication, you will be able to have access to concerns that may not be visible to you but are very obvious to your employees. More so, your physical presence alone is a major morale booster and can be a good reminder that any form of discrimination and harassment will not be tolerated when you’re seen acting on incidents right away.

Record and Analyze Employee Performance

Tracking employee performance can help you determine cases of workplace harassment and discrimination. Negative trends such as unexplained sick days, being tardy, and decreased performance of a normally productive employee can be because of incidences of discrimination or harassment. Although other reasons could be at play, it is better to be able to act on what you can change sooner.

Monitor Resignation Reasons and Turnover Rate

If good employees are repeatedly leaving your company out of the blue, it is time to sit down and assess what could be causing this. If they are being offered better opportunities elsewhere then perhaps you simply need to make a counter offer but if employees keep on resigning on jobs that they seem to enjoy, then there could be a deeper reason. Conduct exit interviews to have a documentation of reasons why your employees resign. Even if you do not find any cases of workplace harassment and discrimination, you’ll at least have an idea of what can be improved as far as your employees are concerned.

Keep in mind that different industries will feature different forms of discrimination. It is your responsibility to assess, monitor, and prevent incidents of workplace harassment and discrimination in your various work settings. You may use a reporting system and get expert help from private investigators to uncover issues within your organization. Your employees deserve a work environment that they feel safe in so that they can focus on their productivity.

Suspecting incidents of workplace harassment and discrimination at your organization? Have experts find out for you what’s really going on! As the leading team of private investigators in Toronto, we pride ourselves on conducting thorough corporate investigations and surveillance to resolve issues like this for you. Contact us for an obligation-free initial consultation today!

 

March is Fraud Prevention Month!

 

fraud-prevention

Fraud and scams are everywhere. Just these past 3 months, Canadians has been continuously warned by RCMP about telephone scams involving the Immigration departments and Revenue Canada that has been extorting money from residents. More than that, there are ransomware stings that are targeting companies and have cost a loss of more than $3 million just this past year. There were also about 18,000 extortion-related complaints that have cost Canadians about the same. It is time to arm ourselves with knowledge and do what we can to stop these frauds right in their tracks!

Our Biggest Losses

The Canadian Anti-Fraud Centre shares that the biggest dollar loss by individuals was by 990 persons who were victimized by romance scams. The victims have lost about $16 million just for scams related to internet dating. Investment scams are not far behind at having a victim toll of 268 and a loss of $8 million. Prizes scams resulted to people being swindled out of $7.1 million, spear phishing about $6 million, and extortion scams coming in at $3.1 million. Fake infected computers and fake service warnings fooled 5,700 residents out of their hard-earned $2.8 million.

If you’re into information technology, data handling, or a CISO (Chief Information Security Officer) then you know just how serious the fraud situation is and why it is important to educate people about Fraud Prevention Month, even if just for consumer awareness.

Guide to Fraud Trends and Other Threats

KMPG Canada released their Cyber Watch guide with the aim of creating awareness for protecting one’s self from cyber and fraud-related threats. They include:

  • Combating the increased extortion-driven stacks and ransomware attempts by knowing where your valuable data is stored and keeping it safe either by having backups and/or having a sound recovery strategy. As for ransomware, protocols have to be in place and all employees must be made aware of them.
  • Organizations have to be on top of all the changes in security and be ready for governments, courts, consumers, and privacy commissioners pressuring them to be more transparent about their breach notification and cyber security readiness.
  • Organizations have to be prepared for possibly needing to write and develop their own software as mobile-related vulnerabilities continue to increase. This includes employee education about the possible malware carried by apps to prevent leakage of data.
  • Organizations will have to focus more on improving threat detection versus prevention as a primary tool to be always be one step ahead of attacks. Real-time intelligence tools should be used more to protect the sensitive information one may have. Intelligence is not just about prevention, it is about identifying threats, mitigating them, and responding to them.
  • CISOs will have to be vigilant towards risks posed by suppliers and partners. Being hacked through a supplier happened in 2014 for U.S.’s Target stores in 2014. A full audit may be needed to identify and monitor security gaps.

Fraud Prevention Month Ongoing and Future Events

The Canadian Federation of Independent Businesses will be having another webinar tomorrow, March 10, 2016 (same as yesterday) as part of the Fraud Prevention Month events. The webinar will be about preventing fraud in small businesses and will start at 1 p.m. Eastern. The French version is scheduled today.

A Twitterchat by the Financial Services Commission of Ontario is scheduled today from 1 to 2 p.m. Eastern. Follow hashtag #Fraudchat to know more. A repeat of this is scheduled on the 31st of March.

Lastly, the Better Business Bureau declared the 15th of march as Password Reset Day. Know more about your password’s vulnerability from out blogs on the worst passwords list and protecting your privacy.

Want to know more about fraud prevention? Then be sure to stalk your Toronto private investigators’ blog for updates and news. Need fraud detection assistance? Contact us today!

10 Modern Tips to Protect Your Privacy

online-privacy-tips

Privacy is becoming increasingly precious these days. It is now often too easy to look up someone and have access to their important data just by using certain websites. Some companies even claim that they’ve got access to your income, address, family, phone number and more for a fee. Though it is true that not everyone who wants your details are bad guys, is that something you’d want to risk?

Leave Important Data Out of Your Social Media Profile

The people who need to know where you’ve been born, when’s your birthday, and what your phone number is already have those data. There is no need to share all of that in your Facebook profile. More so, these data can be used to hack into your other accounts, like your internet banking one.

Add a Password to Your PC

You may trust the people you live and/or work with, but what if your computer gets stolen or gets lost? The same goes for your smartphones and tablets. A passcode helps you prevent a stranger from accessing your personal data as long as you’re not using the worst passwords there is!

Your Social Insurance Number is NOT for Sharing

Unless you are 100% sure that you’re talking to your bank or credit company or someone who has a legitimate reason for knowing your social insurance number, there is no need to disclose even just a few digits of it unless you’re asking for your identity to be stolen.

Use Private Browsing

Some browsers can automatically save your password and log-in details as well as auto-fill forms, leaving you vulnerable to people who want to know your browsing history, preferences, and other data. By using private browsing in your browser, you automatically delete your browsing history, cookies, and temporary internet files after you close your browsing window.

Use a Password Vault or a Password Manager

Password managers can help you keep track different unique passwords as well as generate hard to guess ones for all your different accounts. This way, you’ll be less vulnerable to phishing attacks as well as hacking attempts.

Turn on Two-Factor Verification

Services and social media such as Twitter, Apple ID, Microsoft, Dropbox, Facebook, and Google now offers a two-step verification process that is triggered when you log-in or access your account from an unknown device (a device you’ve never used to log-in to your account before). Two-step verfication only allows you to log-in after you input the unique code that will be sent to your phone or email for every log-in attempt, thereby adding an extra layer of protection even when someone is able to guess your log-in details.

Make Your Social Network Activity Private

Check your Facebook privacy settings and make sure that you’re not sharing more than you want to. Do you know that Viber sends your location to whoever you are talking to unless you turn the location off? The same goes for Twitter. Even YouTube lets people see what videos you like unless you choose to make your history private.

Pay in Cash

Some credit card companies sell your data to advertisers, and they’re interested in what you’re spending on! Don’t give them any data at all by paying for your purchases in cash.

Google Alert is Your Friend

Want to know when someone is saying something about you on the web? Set up a google alert for your organization’s name, your business name, or your name. Google will email you when content gets published mentioning your search terms.

Use Incorrect Information When Setting Up Password Security Questions

Since your birthday, favourite colour, mother’s maiden name, and the city where you were born are often easily searchable through social media, using these data when setting up your password security questions can leave you very vulnerable to hacking attempts. The answer? Lie! The pre-set questions can’t be changed so simply create a whole new set of answers that only you will know, perhaps use a character from a book’s data to make things easier to remember.

Concerned about your privacy and need help protecting your personal data? Allow the top private investigators in Toronto to help you! Our various personal investigation services and decades of expertise can help shield you and loved ones from cyber attacks, phishing attempts, and hackers. Contact us to know more about how we can help!

5 Tips to Reduce Your Public Liability Claim Risk

toronto-PI

Running a successful business means managing the aspects of your business that may not seem overtly important, such as risk reduction. If your business involves anything that may cause indirect or direct injury or bodily harm to anyone, or to someone’s property, then you now have a responsibility to the public and is at risk for a Public Liability claim.

Because of the risk discussed above, your business is in danger of getting severely affected if something does happen. Your best course of action is to set guards in place so that you won’t have to worry about a Public Liability claim and can concentrate on running your business efficiently. To help you with this, we’ve compiled 5 tips on how you can reduce your risk of a Public Liability claim below.

Have Sufficient Safety Measures in Place

Too often, businesses skip implementing having safety measures because having so seems to be a waste of money that could otherwise be invested in the business. What most fail to realize is that that looking into safety measures is a business investment because it can save you money in the long run.

Have the Right Level of Insurance Coverage

Because claims can get very expensive, making sure that your insurance covers for that is a very smart decision. Remember that insurance policies differ and what may be included in one may not be a part of another, no matter if they cost the same or are called by the same term. You won’t want to be paying for cheaper insurance now only to realize later that you’re not adequately covered when you have to liquidate assets just to be able to pay up for a claim.

Taking Lessons from Someone Else’s Mistakes

The beauty of managing a business today is that there are a lot of resources available for you to see what works and what doesn’t. To review your business’ possible risks, all you have to do is to review similar businesses that have done mistakes which resulted to a Public Liability claim so that you can avoid making the same mistakes. Talking to industry leaders or attending industry-specific conferences and gatherings can likewise help you immensely.

Consulting with the Right Professionals

It is understandable to make mistakes when you don’t have decades of industry or business experience yet but a mistake you cannot afford is not seeking professional advice when needed. Seeking professional advice from the right person(s) can help you uncover weaknesses you didn’t know your business have. Their insight can point you to the right direction, save you money, and make you better profits in the long run. Of course, professional advice does come with quite a price tag and it’s up to you to leverage it to get the most benefit.

Take Charge and Be Smart

Complacency with your current state of affairs will not do you any favours when you’re faced with a Public Liability claim. You need to be proactive in seeking expert professional advice, frequently checking if your safety measures are still adequate, and reviewing if there is a need for change in your procedures or policies whenever your business takes a new turn. As part of the management, it is your duty to review your business on a regular basis and get what needs to be done right on time.

Need help in reducing your risk of a Public Liability claim? Consult with the leading team of private investigators in Toronto! Contact us for an obligation-free initial consultation today!

Company Hotlines – More Than Just a Reporting System

corporate-private-investigations

Oftentimes, organizations put up a company hotline just to have a means for employees to raise concerns, but a well thought out and promoted company hotline can function beyond that.

Benefits of a Responsive Company Hotline

Company hotlines, whether in the form of a website or a telephone number only works if employees trust that their reported concerns will be attended to, or at least, listened to.

Compliance professionals and those with similar tasks of determining whether a reporting system is working, share that the huge majority (about 80%) of all concerns reported by employees are simply trivial matters. 8 of 10 times the report will just be about office politics, who was mean to whom, who’s taking all the sugar packets at the office pantry, who yelled insults at someone and so on. This is why it is too easy to take a dismissive attitude towards the concerns being raised. This is not what you want to reflect.

Though it is tempting to simply ignore the need for a company hotline due to the fact that the majority of complaints and concerns are petty or even personal issues, you cannot discount the other 20% that could mean a big deal in your organization. More so, dismissing a company hotline as something your organization does not need reflects a dismissive culture – something that can cause an increase of employee fraud in your business.

Your company hotline’s value should not be gauged by the types of reports nor the number of reports that is fed to it. Its value is actually about promoting positive morale and show employees that the company’s management is interested and is willing to listen to their concerns.

When a CEO or someone from upper management urges employees to report concerns, employees feel more confident to talk about the things that are happening in your organization that you may not be noticing. Though some employees will still often share their concerns with their supervisors, a company hotline increases the likelihood that the concerns will actually reach the ears of the decision makers and will not be lost to company politics.

An Invaluable Resource

A well-implemented reporting system that is highlighted and promoted by the company’s upper management can easily become the company’s most invaluable resource for both the compliance function people and senior management. How so? This type of reporting system can uncover major issues. For instance, some companies report that they were able to sort out a major problem in their product (that could have gone out to their customers and cause damage) because one or two employees shared a concern via their hotline. These are the kind of calls that is all too uncommon but can have a major impact on your business if left unreported.

A Culture of Compliance

Company hotlines give way to opportunities that promote a culture of compliance. Companies that make a point of regularly monitoring the nature of calls and analyzes the data from that can garner real deep insights and see patterns within the practices in the company.

Take for instance a case of a seemingly perfect department, with a supervisor leading that department and everything running smoothly. No one would have thought there is something wrong going on in there if not for a few separate reports by employees which prompted the management to investigate and find out that there are a ton of issues. It turned out that the supervisor was covering for the issues because getting the issues addressed means exposing some unsavoury things he is doing.

Company hotlines gives you a means to really find out things that should be addressed. It gives you some insights on what should be investigated and alerts you to possible fraud.

Best Practices for Company Hotlines

A call in number is the most common type of company hotline but using other means such as a feedback link or email can give you more means to extract real concerns. This is why having a few avenues for your reporting system is crucial for it to be truly effective.

Company hotlines that allow employees to leave anonymous reports can help protect your whistleblowers. It might be cumbersome because follow ups are nearly impossible but this will help those who are just too afraid to speak up because they know that their anonymity will be protected.

Responding to reported concerns demonstrates that your business is committed to both your company’s and employees’ welfare. This increase in trust factor that’s brought in by the company’s responsiveness and reliability gives employees more reason to report a concern. More reports with real value can mean a better organization and profits for you!

Need help setting up a proper company hotline? Then contact Toronto’s leading team of private investigators for a consultation! We specialize in various ways of protecting your business from fraud. Let’s talk about how you can make having a company hotline work for you today!

 

Cyber Attack Still the Top Business Threat

toronto-private-investigator

The previous year marked a lot of changes in the world of business security, but one disturbing fact is that cyber attacks and breach of data are still the top business continuity threats for the second year and possibly for 2016 as well.

10 Top Business Continuity Threats for 2015

A new online global survey, the 5th annual BCI Horizon Scan report published by the BSI (British Standards Institution) and BCI (Business Continuity Institute) places data breach and cyber attack as numbers 2 and 1 in the list of top perceived business continuity threats as identified by business continuity managers from 74 countries and 568 different organizations.

85% of the respondents cited the possibility of a cyber attack as a business threat, making it the top threat for the 2nd year. The research data also shows that cyber attack is the top concern for 6 of the 8 surveyed regions. As for data breach being a threat, it was cited by 80% of the respondents; placing it a place above its previous spot in the survey.

Below are the rest of the Top Business Continuity Threats for 2015:

  • Unplanned IT and telecom outages (moved down a spot)
  • Act of terrorism (moved up 5 spots)
  • Security incident (went up 1 place)
  • Interruption to utility supply (down 2 notches)
  • Supply chain disruption (moved down 2 spots)
  • Adverse weather (went down a notch)
  • Availability of key skills (new threat for 2015)
  • Healthy and safety incident (new entry for 2015)

BCI Horizon Scan 2016

BCI and BSI reports that 47% of survey participants identified the increasing complexity of supply chain as a trend, a possible factor for disrupting business operations in event of a natural disaster or a man-made conflict. Survey respondents also brought up the availability of key skills and talent as a threat, with 34% reporting that they are ‘concerned’ about it and 13% saying that they are ‘extremely concerned’ about the threat.

Other notable data are:

  • 83% of respondents says that the use of the Internet for malicious attacks is a concern.
  • 70% use long term trend analysis to understand and assess threats, down from the previous year’s 73%
  • 33% of those using trend analysis state that they do not use data to inform their management programs for business continuity.
  • 94% of Canadian organizations use trend analysis and only 29% of organizations in Latin America and the Caribbean does the same.

BCI chairman David James-Brown suggests that there is a need to identify and build resilience against the range of threats in the report. He further states that advising organizations on what to prepare for so that they can adjust their business recovery plans is crucial, especially that modern and traditional challenges are always changing. He further states that at this time, horizon scanning techniques are more valuable to assist organizations to be as prepared as they can be in the face of new threats and rising old ones.

BSI chief executive Howard Kerr says that the fact that businesses are still not using the available information to them for identifying and addressing their organization’s weaknesses is concerning. He adds that businesses should see to it that their businesses are thriving and not merely surviving in the face of the current business continuity threats and that there is opportunity to be had amongst all the risk.

Need assistance in identifying and managing your business continuity threats? Contact the best private investigators in Toronto for an obligation-free initial consultation today!