Businesses in the North East are being targeted by fraudsters who continue to develop new and increasingly sophisticated tactics to steal funds and target IT systems, according to the North East regional cyber crime unit.
The recent surge in cyber enabled fraud attacks is believed to be down to the fact that criminals can easily hide their identity from unsuspecting victims because many businesses do not take cyber threats seriously.
Delegates at a recent event we held in Newcastle city centre in conjunction with Bond Dickinson LLP and the North East Regional Special Operations Unit heard from Martin Wilson from the North East Regional Cyber Crime Unit.
He believes that about 80 per cent of reported cyber-attacks could have been defended against simply by raising businesses’ awareness of some of the tactics currently being used by cyber fraudsters in the North East. These include:
Ransomware is a type of malicious software (malware) that severely restricts access to a computer, device or file until a ransom is paid by the user. It has the ability to lock a computer screen or encrypt files with a password, often using strong encryption.
Cyber Extortion is a crime that occurs when a fraudster threatens a victim or makes demands online. Threats will vary but have previously included leaking confidential client data to the internet or posting thousands of defamatory comments about your business on a review site causing reputational damage.
This is where a fraudster sends an email or letter, which appears to have been sent by a known supplier, asking for future payments to be made into a new account number.
CEO fraud is the name given to the scam where fraudsters hack into or imitate the email account of a senior person within your business. They will send an email to an employee asking for an urgent and often highly confidential payment to be made.
In phishing, fraudsters attempt to dupe victims into divulging passwords or other confidential information either via email or during a phone call. This scam might have been around for some time, but we still hear of businesses in the North East being tricked into giving away their online banking passwords and payment authorisation codes by persuasive fraudsters on the phone.
At Lloyds, we support Financial Fraud Action UK’s Take 5 campaign, which encourages businesses to consider potential threats.
Experts believe that an alarming number of cyber crimes in the North East go unreported as high profile organisations want to protect their reputation and be seen to have robust security controls.
Fortunately, there are some simple steps that your businesses can take to address these risks and stay safe online:
- Ensure you have good quality anti-virus software with the latest version installed and updated regularly
- Carry out operating system updates as soon as they become available
- Educate your users to make them aware of the risks associated with allowing malware on to a system
- Regular back-ups. This ensures that your most important files are copied and potentially held off-site. This will allow machines and systems to be restored in the event of infection.
- Be vigilant about clicking on malicious links in email or opening malicious attachments
- Be aware that some social networking sites and other untrustworthy websites could be hosting ransomware
- Be vigilant about your use of removable media such as USB drives or other removable media devices, all of which could also be used to host malware
- Never disclose security details such as your PIN or full banking password.