Pages
Thursday, November 8, 2007
Nonprofits' Data Breached Yet Again In Software Attack
Salesforce.com is the second software vendor to nonprofits this week to announce a data breach. The firm alerted its clients of phishing attempts and the security breach. The most recent phishing attempts included malware, software that secretly installs viruses or key loggers.
Salesforce.com sent security alerts to customers regarding two recent phishing emails: one titled "FTC" on Oct. 29 and the other "We want to make a order with..." on Nov. 6. The San Francisco-based company refused comment, except for a letter to clients that indicated “a rise in phishing attempts directed at salesforce.com customers over the past few months. The firm has more than 30,000 clients, fewer than 10 percent of which are nonprofits. The firm offers small organizations licenses for up to 10 users at no cost.
The announcement came three days after Convio announced it had a security breach with at least 92 clients, as previously reported on http://www.nptimes.com/.
“When we first saw signs of this sudden rise, we conducted a thorough analysis,” according to the salesforce.com announcement....
Click Here to Read Complete Article...
Tuesday, November 6, 2007
92 Convio Clients Hit In Security Breach
Where fraud is occurring at nonprofits
It is a sad fact that fraud has taken place at nonprofit organizations, just as it has out in the for-profit and bureaucratic world.
At the American Institute of Certified Public Accountants Not-For-Profit Industry Conference, Gerard M. Zack, president of Zack Accounting and Consulting and founder of the Nonprofit Resource Center Inc., outlined the recent trends that are showing up in nonprofit fraud.
According to Zack, a 2006 study showed that private companies had 36.9 percent of fraud cases, public companies 31.7 percent, government agencies 17.6 percent and nonprofits 13.9 percent. The median loss was $100,000.
He noted that while traditional check tampering and disbursements continue to be prevalent, certain varieties within those areas have become apparent.
They are:
- A significant increase in cases involving corruption, including kickbacks, bribes and undisclosed conflicts of interest;
- An increase in cases involving electronic access to or theft of data, sometimes while employees are working off site, hacking into networks, etc.;
- An increase in external attempts at check tampering and electronictransfers from NPO accounts;
- An increase in cases in which a nonprofit is held liable for fraudsperpetrated by its employees or agents against others; for example, an employee steals credit card information of a member of the organization; and,
- An increase in the use of sham or impersonator charities.
This article is from NPT Weekly eNewsletter, a publication of The NonProfit Times. Subscribe to NPT Weekly or any of our other enewsletters and get the latest nonprofit news and stories delivered to your inbox.