Anonymous
05/02/2019 17:07
Subject: Would you reimburse an employee who fell for a phishing scam?
Is it routine for the CEO of your company to make such requests of staff? The employee should have verified the request first.
Anonymous
05/02/2019 17:07
Subject: Would you reimburse an employee who fell for a phishing scam?
Anonymous wrote:I think you should reimburse them and get a copy of the police report. Do you have insurance that can cover this? How do you know the employee is not in on the scam?
Once you clear that, you need a purchasing manual or policy. You need to train everyone on who can approve purchases over x amount, what card to use, etc. once you do that training, you have everyone sign that they understand and know they will not be reimbursed for purchases that violate the process and policy.
Agree 100%. Also can business can deduct this as a loss on their taxes.
Anonymous
05/02/2019 16:47
Subject: Would you reimburse an employee who fell for a phishing scam?
Anonymous wrote:Anonymous wrote:The employee should be paid back and you should invest in better IT controls and training for all employees.
This is less about IT controls...even the most fortified security systems are vulnerable to phishing scams. This is more about lack of training or bad judgment on part of the employee. However, the employee should still be paid back, unless it was part of his job duties to be able to recognize phishing email.
It was not part of their job, but they received specific warnings not to do what they did. Doesn't that count for something?
Anonymous
05/02/2019 16:46
Subject: Would you reimburse an employee who fell for a phishing scam?
I think you should reimburse them and get a copy of the police report. Do you have insurance that can cover this? How do you know the employee is not in on the scam?
Once you clear that, you need a purchasing manual or policy. You need to train everyone on who can approve purchases over x amount, what card to use, etc. once you do that training, you have everyone sign that they understand and know they will not be reimbursed for purchases that violate the process and policy.
Once you clear that, you need a purchasing manual or policy. You need to train everyone on who can approve purchases over x amount, what card to use, etc. once you do that training, you have everyone sign that they understand and know they will not be reimbursed for purchases that violate the process and policy.
Anonymous
05/02/2019 16:41
Subject: Would you reimburse an employee who fell for a phishing scam?
Anonymous wrote:The employee should be paid back and you should invest in better IT controls and training for all employees.
This is less about IT controls...even the most fortified security systems are vulnerable to phishing scams. This is more about lack of training or bad judgment on part of the employee. However, the employee should still be paid back, unless it was part of his job duties to be able to recognize phishing email.
Anonymous
05/02/2019 16:39
Subject: Would you reimburse an employee who fell for a phishing scam?
Absolutely not pay.
Anonymous
05/02/2019 16:37
Subject: Would you reimburse an employee who fell for a phishing scam?
Anonymous wrote:
You need to reimburse because it was the first time and you did not adequately explain.
You convene a company wide meeting which all must attend, you explain what happened, and you say that in the future, no one will be reimbursed.
This.
I might even require a signed form from each employee indicating that the training was attended and that they understand the policies.
Also it should be made very, very clear that employees should ALWAYS get approval for spending for the company.
Anonymous
05/02/2019 16:26
Subject: Re:Would you reimburse an employee who fell for a phishing scam?
Anonymous wrote:\Anonymous wrote:Anonymous wrote:Anonymous wrote:Also whey did they use their personal funds for the purchase insetad of a company card?
This staff member does not have a company credit card.
Does this person occasionally purchase things for the business and seek reimbursement?
No, never.
Then I wouldn’t. I could maybe see getting confused if their job regularly required purchasing things on their own and getting paid back
Anonymous
05/02/2019 16:22
Subject: Re:Would you reimburse an employee who fell for a phishing scam?
\Anonymous wrote:Anonymous wrote:Anonymous wrote:Also whey did they use their personal funds for the purchase insetad of a company card?
This staff member does not have a company credit card.
Does this person occasionally purchase things for the business and seek reimbursement?
No, never.
Anonymous
05/02/2019 16:21
Subject: Re:Would you reimburse an employee who fell for a phishing scam?
Anonymous wrote:Anonymous wrote:Also whey did they use their personal funds for the purchase insetad of a company card?
This staff member does not have a company credit card.
Does this person occasionally purchase things for the business and seek reimbursement?
Anonymous
05/02/2019 16:09
Subject: Would you reimburse an employee who fell for a phishing scam?
The employee should be paid back and you should invest in better IT controls and training for all employees.
Anonymous
05/02/2019 16:04
Subject: Re:Would you reimburse an employee who fell for a phishing scam?
Anonymous wrote:The confounding factor here is you admit that your company is not doing a good job of blocking such phishing emails. I think you should reimburse them.
When I said we were getting a lot of phishing emails I meant we were catching a lot of them in filters, they do not typically reach staff members. This was one of the few that made it through but it was not convincing-- there were several signs that it was not legit.
Anonymous
05/02/2019 15:58
Subject: Would you reimburse an employee who fell for a phishing scam?
Anonymous wrote:
You need to reimburse because it was the first time and you did not adequately explain.
You convene a company wide meeting which all must attend, you explain what happened, and you say that in the future, no one will be reimbursed.
What was not adequately explained? There were warnings sent out. Are you saying that it should have been explicitly stated that if someone spent their own money on a scam they wouldn't be reimbursed?
Anonymous
05/02/2019 15:57
Subject: Would you reimburse an employee who fell for a phishing scam?
Anonymous wrote:Was it a normal request for your CEO to make on the weekend that couldn't have waited until it was vetted Monday? That seems super shady....and I would not have just gone out and done that.
No, our CEO would never ask a staff member to do anything like this, weekend or not.
Anonymous
05/02/2019 15:56
Subject: Would you reimburse an employee who fell for a phishing scam?
You need to reimburse because it was the first time and you did not adequately explain.
You convene a company wide meeting which all must attend, you explain what happened, and you say that in the future, no one will be reimbursed.