{"title":"Something Phish-y is Going On Here: A Teaching Case on Business Email Compromise","authors":"Kathleen M. Bakarich, Devon Baranek","doi":"10.2308/ciia-19-018","DOIUrl":null,"url":null,"abstract":"\n This case utilizes a real-world example of a U.S. public company that fell victim to a Business Email Compromise (BEC) scheme in which an employee inadvertently wired millions of dollars to fraudulent accounts based upon email instructions purportedly sent by a company executive and external legal counsel. This is a timely issue to examine given its rising prevalence and magnitude in the corporate world. The case allows students to examine a topic (phishing techniques and email scams) that they are likely to be familiar with on a conceptual level, through the lens of internal controls and external auditing. Examining the case information, SEC filings, and auditing guidance, students will gain an understanding of internal control issues related to BEC and critically think of ways to remediate or implement controls to reduce cybersecurity risk, as well as consider the external auditor's growing responsibilities related to technology and its associated risks.","PeriodicalId":44019,"journal":{"name":"Current Issues in Auditing","volume":" ","pages":""},"PeriodicalIF":0.8000,"publicationDate":"2019-12-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://sci-hub-pdf.com/10.2308/ciia-19-018","citationCount":"6","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Current Issues in Auditing","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.2308/ciia-19-018","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q4","JCRName":"BUSINESS, FINANCE","Score":null,"Total":0}
引用次数: 6
Abstract
This case utilizes a real-world example of a U.S. public company that fell victim to a Business Email Compromise (BEC) scheme in which an employee inadvertently wired millions of dollars to fraudulent accounts based upon email instructions purportedly sent by a company executive and external legal counsel. This is a timely issue to examine given its rising prevalence and magnitude in the corporate world. The case allows students to examine a topic (phishing techniques and email scams) that they are likely to be familiar with on a conceptual level, through the lens of internal controls and external auditing. Examining the case information, SEC filings, and auditing guidance, students will gain an understanding of internal control issues related to BEC and critically think of ways to remediate or implement controls to reduce cybersecurity risk, as well as consider the external auditor's growing responsibilities related to technology and its associated risks.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
