Adviser - Spring 2016

Adviser/ insurance

‘ Phishing’, ‘Vishing’ and money going missing O ver the past few years the problem of ‘phishing’, or email fraud, has become all too common and many of us are now alert to the Phishing with spears Some of the most recent cyber-scams involve ‘spear phishing’. An email is sent to an employee that appears to be from a person or a business that is known to them and requesting access to company larger organisations (such as TalkTalk) who have fallen victim to cyber crime, in many cases it is now smaller companies who are being attacked. “Smaller businesses are often targeted by hackers as they tend to have fewer security measures in place, making them easier to infiltrate”, she said. “Some small organisations are ill-equipped to identify cyber threats, so hackers can do Tim Mulley, Senior Partner at Scrutton Bland, on how cyber scammers are targeting businesses information. Unlike the usual phishing scams, which have a much broader reach, the spear phishing hacker targets specific data or financial information, often using

scams, however, there is a new threat on the horizon. You may have seen news stories about vulnerable individuals being scammed by ‘vishing’ (voice crime) criminals, who persuade them to hand over their bank details. But there is now a worrying trend for professional practices, including accountants and solicitors to be targeted by these fraudsters. In an environment where those who deal with client monies are expected to keep up-to-date with anti-money laundering and compliance training, it can be easy to assume that professional practices would not be susceptible to financial crime. However, criminals have become increasingly sophisticated and unless you have robust processes and procedures in place to deal with this potential risk, then you may be leaving your business open to criminal exploitation. Within the past few months there have been some very real examples of how vishing can affect professional practices. These stories come in the wake of news from the Financial Fraud Action UK (FFA), the body which co-ordinates the financial industry's response to cyber crime, which reported that UK financial fraud losses rose 6% to £325m in the first six months of 2015. Telephone banking fraud losses increased by 95% to £14.4m in the same period. The FFA said that a further £300m of remote banking fraud, which includes online and telephone banking crimes, was stopped. The size of the problem

significant damage before being detected. Small businesses can also be targeted to gain access to more valuable data by their partners and vendors.” She added “Data breaches can have a significant impact on smaller firms as they may not have the capital or technical expertise to respond. A significant cyber attack could destroy a small business.” Basic methods such as firewalls, anti- virus software and securely encrypted internet and wifi services are vital to help deter criminals and alert victims of any attempts to compromise their business. Equally, ensure you have strong passwords, and be sure to avoid the most- used examples such as 12345, qwerty, and worst of all, password. Businesses should make sure that they are storing any client or employee data securely and invest in the most secure encryption available. Employees should be made aware of their firm’s data security policy, especially with regard to scenarios such as phishing emails, and set up a reactive strategy so that in the event of a possible breach of security there are processes in place to secure evidence that will assist with internal and external investigations. If your website is hosted or managed by a third party then make sure that they are using the best security protocols and encryption. Straightforward protection advice

There is now a worrying trend for professional practices, including accountants and solicitors, to be targeted by these fraudsters.

open source information such as social media to become familiar with an individual or group and pinpoint their attack.

Local businesses now being targeted

In a recent interview, Tonya Antonis, Detective Chief Inspector at the Cyber and Serious Crime Department of Suffolk Police highlighted a local perspective to this growing problem. She said that while the public may be aware of some of the


Made with FlippingBook - Online magazine maker