MYOB integration updates

Upon importing payments from MYOB into Prism, the message has been updated to:

1. total number of payments
   
2. total number of succcessful payments
   
3. total number of failed payments
   
4. invoice(s) not found
   

Furthermore, the system will check for duplicate payments when importing by checking Amount,  Payment Date and Invoice Number.

If payment amount exceeds an owner's opening balance, the overpayment will be auto-allocated to the next invoice.

Statement PDF security and additional security recommendations

In response to various Business Email Compromise (BEC) scam attempts across a variety of finance platforms, we have now implemented additional security on the Statement PDFs emailed to owners.

In a BEC scam, cybercriminals will send fraudulent emails posing as a legitimate business, asking customers to change bank account details for future invoice payments or modifying the payment instructions in an existing Statement. Victims assume this request is legitimate and will then send invoice payments to a bank account operated by the scammer.

We have now upgraded Statement PDFs generated by Prism, so they cannot easily be modified using PDF editing tools. This helps prevent a scammer modifying bank details and forwarding the statement requesting payment. But the mitigation of scams and phishing attempts does not stop there. We recommend implementing the following mitigation strategies immediately:

1. Be wary of suspicious emails and keep your customers informed to do the same. Emails sent from email addresses which are not from @prism.horse or your own domain, containing links to payment or requests to reset passwords or provide contact details, should be closely examined and not opened or clicked upon.
   
2. Use strong passphrases on both your Prism account and each email account. Implement a suitable policy in your business to govern the adoption of secure passwords by all staff.
3. Ensure that your staff are trained to recognise suspicious emails, including fraudulent bank account changes or requests to check or confirm login details.
   
4. If you currently use a generic email accounts for your business, such as @hotmail.com, @gmail.com etc, setup your own domain and email hosting service as a matter of urgency. Whilst we can set you up with an @prismracing.com.au email account for the sole purpose of emailing your customers from your Prism portal, security is enhanced further by adopting your own domain and email hosting service.
5. Report all scam/phishing attempts to the appropriate authorities, and you can copy support@prism.horse if it relates to a feature of Prism or an email from your Prism portal.

Prism accepts no liability for emails not sent from our email addresses. But we must all remain vigilant. 

---

Report a suspected scam to the ACCC.

Are you a victim of cybercrime? Visit ReportCyber to take your next steps.