Hertfordshire businesses are being urged to strengthen their defences to avoid becoming victims of cyber crime
Hertfordshire businesses are being urged to strengthen their defences to avoid becoming victims of cyber crime.
Millions of pounds are stolen every year from the 60,000 companies in the county, despite there being simple steps which can be taken to stop criminals in their tracks.
The Independent Business Advisory Group (IBAG), which was established by David Lloyd, the Police and Crime Commissioner for Hertfordshire, wants to highlight the techniques used by fraudsters so firms are prepared.
"Many of us have either experienced or know of a business that has experienced a cyber scam," said IBAG chair Jeremy Bishop from Hertfordshire Chamber of Commerce.
"As we say, 'Don't be an easy victim'. With some simple review steps in your payment processes, you can all but eliminate the likelihood of falling foul to the latest trends."
The majority of businesses that have reported to Action Fraud this year said they were victims of mandate fraud, which occurs when the fraudster gets the payee to change a direct debit, standing order or bank transfer mandate.
They do this by purporting to be from an organisation where regular payments are made to – for example, a business supplier, customer, subscription or membership organisation.
Businesses should verify all invoices, as well as requests to change bank account details, using established contact details already on file or by telephoning someone at the company.
The second most-used technique by fraudsters is phishing and social engineering. In a typical attack, scammers send fake emails to thousands of companies to try to trick them into revealing sensitive information – such as bank details – or the messages contain malicious links or attachments containing malware.
The criminal's motivations vary, from system sabotage and data theft to financial gain – for example, encrypting an organisation's data and holding it to ransom.
The third most common scam is business email compromise (BEC), which is more sophisticated than the standard phishing messages that are sent out indiscriminately to millions of people at once.
BEC attacks are crafted to appeal to a specific individual and can be even harder to detect. They often purport to come from a senior executive asking staff to transfer money or purchase vouchers.
Mr Lloyd has also funded the Cyber Basics Review programme to prevent fraud rather than just responding to it.
Small and medium-sized businesses can get a free cyber security check and training from a fully accredited Herts-based IT expert.
For more information and to secure a free consultation, email firstname.lastname@example.org.