Employees Commit Corporate Fraud

Imagine the following scenario; Ten years ago you decided to quit your job and start your own company. For ten years you worked hard, made sacrifices, and it paid off in the end. One of your first employees, a loyal, hard working employee has been by your side the whole way.

Things were going great. Until about eight months ago.

All of a sudden, clients whom you had worked for for years were not returning your calls or e-mails. Then, sales from your online products site started dropping dramatically. One day, out of the blue, that long time devoted employee did not show up for work, nor would they return any calls.

What you did not know was that employee who you trusted with your life had spent the last eight months intercepting / reading all your e-mails, installing monitoring software on your computers to watch everything you do, contacting clients without your permission with the explicit purpose of feeding them false information. The employee was downloading all proprietary code for you online products store, setting up a duplicate site on another server, and taking orders for those products.

In another recent case, an employee of an institute of higher learning was threatening to blackmail the executive staff. They had been notified that any action taken against the individual would result in loss of large amounts of critical data and negative publicity. We were hired to determine the validity of the threat and to collect evidence for possible legal action. What we found was quite disturbing. The suspect employee had installed logic-bombs throughout the organizations network. These logic-bombs required specific action be taken every 48 hours by the suspect employee. If the employee did not perform a specific task within the allotted time, for instance, if he / she had been terminated, the logic-bomb would execute. There was much more to this story and none of it was positive.

You have just been the victim of corporate fraud
------------------------------------------------
But how could this happen to you, and by someone who you trust? It happens more frequently then you know. If you can gather enough evidence and convince the District Attorney to take action you might only have to spend $20,000 to $50,000 to sue this person. On the other hand, if you can't get the District Attorney involved, it may cost you hundreds of thousands of dollars, and you won't know what the outcome is until it's all over!

A Few Things You Can Do
-----------------------
These are not fictional stories and everyone is equally at risk for such an event. Make sure you have strict controls and guidelines to keep your business safe. Any proprietary information, whether it be code, sales information, client lists, or financials should be well guarded. Obviously this information must be shared with others in your organization, but it can be done so with audit trails. As a business owner you should know who has access to what, when, and how.

The objective of this article is not to make people paranoid; its purpose is to promote awareness. Most people / employees are law abiding and productive, but don't make the mistake of letting your guard down.

About The Author
----------------
Darren Miller is an Industry leading computer and internet security consultant. At the website - http://www.defendingthenet.com you will find information about computer security specifically design to assist home, home business and small business computer users. Sign up for defending the nets newsletter and stay informed and empowered to stay safe on the Internet. You can reach Darren at mailto:darren.miller@paralogic.net or at mailto:defendthenet@paralogic.net