Originally posted by hobnob
View Post
- Visitors can check out the Forum FAQ by clicking this link. You have to register before you can post: click the REGISTER link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. View our Forum Privacy Policy.
- Want to receive the latest contracting news and advice straight to your inbox? Sign up to the ContractorUK newsletter here. Every sign up will also be entered into a draw to WIN £100 Amazon vouchers!
Collapse
You are not logged in or you do not have permission to access this page. This could be due to one of several reasons:
- You are not logged in. If you are already registered, fill in the form below to log in, or follow the "Sign Up" link to register a new account.
- You may not have sufficient privileges to access this page. Are you trying to edit someone else's post, access administrative features or some other privileged system?
- If you are trying to post, the administrator may have disabled your account, or it may be awaiting activation.
Logging in...
Previously on "Finance worker pays out $25 million after video call with deepfake CFO"
Collapse
-
-
Originally posted by vetran View PostBack when we used cheques you needed 2 directors to co sign for over £10k. Seems reasonable for over a million to ask for 2+ directors to verify via MFA.
I wonder whether this will affect discussions about people working in the office vs working from home. I.e. if someone is standing in front of you (after swiping their pass to get into the building) then you can be pretty confident that they're the real deal, whereas you don't know who's on the other end of a Teams meeting.
Leave a comment:
-
Originally posted by vetran View Post
Back when we used cheques you needed 2 directors to co sign for over £10k. Seems reasonable for over a million to ask for 2+ directors to verify via MFA.
https://www.microsoft.com/en-gb/secu...henticator-app
Leave a comment:
-
Originally posted by hobnob View Post
You could have a password to prove that this person isn't an imposter, but people aren't good at remembering passwords. Or you could have a "tell me something that only the real Fred would know" conversation.
It doesn't work very well if you've got elderly parents with memory issues, of course.
Leave a comment:
-
Originally posted by hobnob View Post
In this case, I don't see how that would help. The person who transferred the money didn't have their credentials stolen (e.g. nobody guessed their password). If the system had prompted them for MFA, they would have typed in the code from their app, because they thought that the transfer was legitimate. The problem was that they were tricked by someone impersonating their boss.
There's a fairly common scam where people get text messages saying "Hi Mum, I've lost my phone, please can you send me some cash." There's a targeted version where the child's voice can be faked (e.g. if they've done podcasts or YouTube videos for the AI to learn from), which would then make it more convincing.
You could have a password to prove that this person isn't an imposter, but people aren't good at remembering passwords. Or you could have a "tell me something that only the real Fred would know" conversation.
Leave a comment:
-
Originally posted by vetran View Post20+ years ago I had MFA as standard for remote access. Why not have a similar protection for large transfers. people are stupid.
There's a fairly common scam where people get text messages saying "Hi Mum, I've lost my phone, please can you send me some cash." There's a targeted version where the child's voice can be faked (e.g. if they've done podcasts or YouTube videos for the AI to learn from), which would then make it more convincing.
You could have a password to prove that this person isn't an imposter, but people aren't good at remembering passwords. Or you could have a "tell me something that only the real Fred would know" conversation.
Leave a comment:
-
Originally posted by SueEllen View Post
It is surprising when you talk to people how many companies still don't have an authorisation process for transactions.
They presume that people dipping their hands in the till will do it for small amounts not a few thousand at a time.
Leave a comment:
-
Originally posted by vetran View PostYou would assume they would have some sort of authorisation process for significant amounts.
They presume that people dipping their hands in the till will do it for small amounts not a few thousand at a time.
Leave a comment:
-
seems security isn't. You would assume they would have some sort of authorisation process for significant amounts.
Leave a comment:
-
Finance worker pays out $25 million after video call with deepfake CFO
Tags: None
- Home
- News & Features
- First Timers
- IR35 / S660 / BN66
- Employee Benefit Trusts
- Agency Workers Regulations
- MSC Legislation
- Limited Companies
- Dividends
- Umbrella Company
- VAT / Flat Rate VAT
- Job News & Guides
- Money News & Guides
- Guide to Contracts
- Successful Contracting
- Contracting Overseas
- Contractor Calculators
- MVL
- Contractor Expenses
Advertisers
Contractor Services
CUK News
- Streamline Your Retirement with iSIPP: A Solution for Contractor Pensions Sep 1 09:13
- Making the most of pension lump sums: overview for contractors Sep 1 08:36
- Umbrella company tribunal cases are opening up; are your wages subject to unlawful deductions, too? Aug 31 08:38
- Contractors, relabelling 'labour' as 'services' to appear 'fully contracted out' won't dupe IR35 inspectors Aug 31 08:30
- How often does HMRC check tax returns? Aug 30 08:27
- Work-life balance as an IT contractor: 5 top tips from a tech recruiter Aug 30 08:20
- Autumn Statement 2023 tipped to prioritise mental health, in a boost for UK workplaces Aug 29 08:33
- Final reminder for contractors to respond to the umbrella consultation (closing today) Aug 29 08:09
- Top 5 most in demand cyber security contract roles Aug 25 08:38
- Changes to the right to request flexible working are incoming, but how will contractors be affected? Aug 24 08:25
Leave a comment: