Various Finance enhancements and security recommendations

Various Finance enhancements and security recommendations

Release Date: 6 July 2021

MYOB integration updates

Upon importing payments from MYOB into Prism, the message has been updated to:
  1. total number of payments
  2. total number of succcessful payments
  3. total number of failed payments
  4. invoice(s) not found

Furthermore, the system will check for duplicate payments when importing by checking Amount,  Payment Date and Invoice Number.

If payment amount exceeds an owner's opening balance, the overpayment will be auto-allocated to the next invoice.

Statement PDF security and additional security recommendations

In response to various Business Email Compromise (BEC) scam attempts across a variety of finance platforms, we have now implemented additional security on the Statement PDFs emailed to owners.

In a BEC scam, cybercriminals will send fraudulent emails posing as a legitimate business, asking customers to change bank account details for future invoice payments or modifying the payment instructions in an existing Statement. Victims assume this request is legitimate and will then send invoice payments to a bank account operated by the scammer.

We have now upgraded Statement PDFs generated by Prism, so they cannot easily be modified using PDF editing tools. This helps prevent a scammer modifying bank details and forwarding the statement requesting payment. But the mitigation of scams and phishing attempts does not stop there. We recommend implementing the following mitigation strategies immediately:
  1. Be wary of suspicious emails and keep your customers informed to do the same. Emails sent from email addresses which are not from or your own domain, containing links to payment or requests to reset passwords or provide contact details, should be closely examined and not opened or clicked upon.
  2. Use strong passphrases on both your Prism account and each email account. Implement a suitable policy in your business to govern the adoption of secure passwords by all staff.
  3. Ensure that your staff are trained to recognise suspicious emails, including fraudulent bank account changes or requests to check or confirm login details.
  4. If you currently use a generic email accounts for your business, such as, etc, setup your own domain and email hosting service as a matter of urgency. Whilst we can set you up with an email account for the sole purpose of emailing your customers from your Prism portal, security is enhanced further by adopting your own domain and email hosting service.
  5. Report all scam/phishing attempts to the appropriate authorities, and you can copy if it relates to a feature of Prism or an email from your Prism portal.
Prism accepts no liability for emails not sent from our email addresses. But we must all remain vigilant. 

Are you a victim of cybercrime? Visit ReportCyber to take your next steps.

    • Related Articles

    • [Finance] Improvement to Payment Note template

      1 June 2022 | Enhanced Feature| Finance | Payments In the template of the Payment Note that appears on end of month Statements, you can now: insert the unique secure Direct Debit Authorisation link to encourage owners to authorise you to direct debit ...
    • [Finance] Adjust Discount when Regenerating Statements

      Release Date: 12 May 2023 | Finance When regenerating Statements for the most recent period, you can now adjust owner discounts should they need correcting or removing. In the Modify Statement window, select the option 'Adjust Discount', just beneath ...
    • [Feature] Finance | Add Payment directly in Prism

      Release Date: 22 October 2020 This release applies only to Prism Finance subscribers who do not use Xero or MYOB, integrated with Prism Finance. It enables owner payments to be recorded against the relevant owner account, directly within Prism. If ...
    • [Improvement] Finance | No Payment Required on Statements

      Release Date: 03 June 2020 If a Customer's total amount due is less than or equal to zero (0), the button on the Statement now displays 'NO PAYMENT REQUIRED' instead of 'PAY NOW'.
    • Filter Statements by Statement ID on Finance Dashboard

      Release Date: 19 November 2021 | Finance On the Finance Dashboard page, subscribers to the Prism Finance module can now filter all Statements by Statement ID. To use this feature: Navigate to Finance > Dashboard Click on the Filter icon in the ...