• Skip to main content
  • Skip to secondary menu
  • Skip to primary sidebar
  • Skip to footer
  • Bedfordshire
  • Milton Keynes
  • Northamptonshire
  • Awards
  • Knowledge Hub
  • Contact Us
  • About Us
    • Sustainability
    • The Podcast
    • ATB TV
All Things Business

All Things Business

First For Local UK Business News

  • Education
  • Professional Services
    • Legal
    • Finance
    • Recruitment & HR
    • Creative Marketing
  • Property
  • Environment
    • Wellbeing
  • Industry
    • Industry
    • Manufacturing
    • Motors
    • Logistics
    • Technology
  • Events
    • Events
    • Food & Drink
    • Sport
  • News

Tackling cyber attacks at work and at home

News, Technology | April 1, 2021

The effects of coronavirus have not gone unnoticed in the workplace. Back in March 2020, the majority of us packed up our desks and moved into our makeshift home offices, more than 9.9 million of us were furloughed and the latest statistics show that unemployment has increased to 1.69 million in the UK alone.

The way in which businesses quickly adapted to the pandemic left security systems vulnerable to cyber attacks and criminal infiltration. Here, we discuss the top five cyber frauds you should be aware of in the current climate and the ways in which you can minimise the risks.

Increased risk of cyber attacks

Cyber security and planned IT security improvement programmes have been put on hold whilst other operational challenges are prioritised. In addition to this, the increased use of remote access tools used by employees whilst working from home increases the risk of cyber attacks.

Malicious cyber criminals can take advantage of this by:

  • Targeting remote access systems with denial-of-service attacks, disrupting business operations, or attempting to extort money.
  • Increasing phishing attacks.
  • Corrupting home wifi networks and accessing IT systems via unsecure VPNs.

CEO fraud and impersonation fraud

CEO fraud and impersonation fraud involve employees within an organisation receiving emails seemingly from a senior executive, instructing the transfer of money to a cyber criminal’s account or requesting confidential financial information. This may be carried out in one of two ways:

  • Name spoofing – uses the name of the CEO but a different email address (which might look similar to the company’s email address).
  • Name and email spoofing – the CEO’s email address has been compromised and the attacker uses the CEO’s name and genuine email address.

It has also been known for fraudsters to pose as the company IT team through emails or calls to obtain passwords or enable malicious software to be downloaded onto IT systems. Our current working circumstance increases the risk of these types of fraud as more of us are working from home and this can be used as justification for unusual and non-routine procedures and processes.

Fraud in the supply chain

Rarely have supply chains faced pressure as immense as that brought on by the COVID-19 outbreak. This increased pressure can increase the risk of fraud in a variety of ways, including:

  • Reliance on new and alternative suppliers.
  • Lack of quality control and due diligence.
  • Risk of improper payments to ‘grease the wheels’.

Insider fraud

Insider fraud occurs when a current or ex-employee, contractor or any other party who once had access to confidential data commits fraud by misusing the information, for example by selling data to competitors or using the insider information to make personal investments.

According to data shared by the Office for National Statistics, August 2020 saw 13.3 per 1,000 employees were made redundant or took voluntary redundancy. The unprecedented events of 2020 meant many organisations across the country were forced to make employees or entire departments within their workforce redundant.

Employees that have been made redundant or facing potential redundancy might be influenced to steal intellectual property, motivated by financial gain, or to cause reputational and financial damage to the organisation.

Phishing, whaling, and smishing attacks

It’s no surprise that COVID-19 created long-term phishing tactics for cyber criminals, pandemic-focused attacks exploited the heightened anxiety and fear felt by those throughout the pandemic.

Phishing is the use of fake emails or shared links to gather sensitive and confidential information about victims, such as: user names and login details and bank account details.

Phishing can also be used to deploy vicious malware onto computer systems. Barracuda reported a spike in COVID-19-related phishing attacks since the end of February 2020. 77% were scams, 22% were brand impersonation, 1% business email compromise.

Whaling is similar to phishing but is targeted and aimed at senior level staff within a business. For example, a CEO or Senior Executive may receive a fraudulent email from a trusted supplier, partner, or employee requesting a transfer of funds.

Smishing is a phishing-style fraud carried out using SMS. Common examples include text messages seemingly from HMRC ‘informing’ victims of tax refunds they are owed.

How to protect yourself against fraud

The different types of fraud listed above are examples of how cyber criminals exploit the remoteness of individuals through the use of technology, involving unauthorised access to a business’s computer systems, or payments made to a fraudulent recipient, usually with the unintentional assistance from a member of staff. Alternatively, employees can pose a potential threat to the business via supply chain fraud or insider fraud.

Because of this, it is essential for organisations to ensure that they monitor the activity of all employees while working from home. Organisations should introduce processes to identify any suspicious or threatening activity and that all employees are properly trained on the potential threats presented to the business and how to identify them during these uncertain times.

Here are our recommendations, which will help to mitigate the risk of fraudulent activity taking place in your business:

  • Ensure that remote access systems are patched and secure
  • Have adequate security controls that are able to withstand distributed denial-of-service attacks
  • Provide employees with guidance and training on potentially fraudulent activity such as how to avoid cyber security breaches and how to spot suspicious activity
  • Agree on internal procedures and implement additional verification procedures before making payments
  • Ensure any electronic invoices are genuine by: contacting various individuals to validate the notification; verifying the email address you have received the email from; sending a new email to a known contact rather than replying directly to the email received.
  • Ensure existing policies and procedures are effective and up to date
  • Practise due diligence
  • Monitor financial controls and ensure that they are adequate.

For support and information on how to better protect your business and your staff from cyber threats, visit ACS Office Solutions or contact us on 01604 704000 and info@acs365.co.uk

Northamptonshire

Related stories

  • Northamptonshire
    May 26, 2022

    Planning application for saints’ new high performance centre approved

    Northampton Saints are delighted to confirm that West Northamptonshire Council Planning Authority have approved the Club’s application for the construction of a…
  • East Hunsbury Primary School Northamptonshire
    May 26, 2022

    New Headteacher for East Hunsbury Primary School as tributes are paid to retiring Head after 21 years’ service

    “Be kind, work hard, believe” – that is the message to children at East Hunsbury Primary School from new Headteacher Kathryn Pennington,…
  • Windfall tax on energy companies: Chancellor and business secretary need to stand their ground against the windfall tax siren calls – MHA comments Northamptonshire
    May 23, 2022

    Windfall tax on energy companies: Chancellor and business secretary need to stand their ground against the windfall tax siren calls – MHA comments

    Following the growing calls to impose a windfall tax on the profits of energy companies, to address the cost of living crisis,…

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Stay up to date on All Things Business

Subscribe to our monthly newsletter to receive the latest business news.

Online Edition

Northamptonshire edition, click here
Milton Keynes edition, click here
Bedfordshire edition, click here

Most Read

  • Howes Percival A trio of new partners in East Mids among five senior promotions
  • centre:mk Centre:mk welcomes brand new Ted Baker store to Milton Keynes
  • Windfall tax on energy companies: Chancellor and business secretary need to stand their ground against the windfall tax siren calls – MHA comments Windfall tax on energy companies: Chancellor and business secretary need to stand their ground against the windfall tax siren calls – MHA comments
  • East Hunsbury Primary School New Headteacher for East Hunsbury Primary School as tributes are paid to retiring Head after 21 years’ service
  • Workplace Wellbeing Why It's So Important Workplace Wellbeing: Why it’s so important

Footer

REGIONS

Northamptonshire
Milton Keynes
Bedfordshire
 

COMPANY

About Us
Contact
Awards
Podcast
Knowledge Hub
Sustainability
Request A Copy

Northamptonshire Office

1 Queensbridge, Northampton
NN4 7BF
Tel: 01604 267677

Milton Keynes and Bedfordshire Office

The Pinnacle, 170 Midsummer Boulevard, Milton Keynes,
MK9 1BP
Tel: 01908 030688

London Office

25 Bedford Square
London
WC1B 3HH
Tel: 0208 1760176

Follow us on

  • Facebook
  • Instagram
  • LinkedIn
  • Twitter

All Things Business is a publication produced by All Things Management Ltd. Registered in England No. 9590677


Privacy Policy