London – 9th May - Online fraud and phishing scams have become a massive issue for businesses both big and small.
According to the recently published UK government cyber security research, 52% of small businesses have experienced some form of cyber security breach over the last 12 months, with fraudulent emails making up 72% of cases.
And the techniques have become more and more sophisticated. In January, accountancy firm KPMG recorded the total value of fraud reported to the courts in the UK last year to have exceeded £1.1bn - showing a dramatic 55% year-on-year rise.
In March Google and Facebook were subject to a phishing scam that lost them over $100m, proving that even the largest companies in the world are immune from cyber crime.
Posing as Taiwanese electronics manufacturer, Quanta Computer, Evaldas Rimasaukas,48, conned the two tech companies into sending him over $100m (£77m).
He has now been charged with wire fraud, money laundering and aggravated identity theft for posing as the company, who have Apple, Google and Facebook as clients.
Facebook said in their statement: “We recovered the bulk of the funds shortly after the incident and have been cooperating with law enforcement in its investigation.”
Google also made a statement that said that they had “detected this fraud against our vendor management team and promptly alerted the authorities. We recouped the funds and we’re pleased this matter is resolved.”
Last year a report by Allianz Global Corporate and Speciality ranked cyber crime at number 3 on their 'Top 10 Global Business Risks for 2016' citing the detrimental effects on productivity, reputation and liability claims as their major concerns.
So what is a phishing scam?
Typically a phishing scam involves a criminal impersonating a supplier or company, faking an email address or an invoice in an attempt to get you to hand over personal information such as bank account details, credit card numbers or passwords.
And what can you do to avoid them?
Invest in security and antivirus software
Spam and security filters are built into many email systems and security products will intercept mass phishing attempts and block any emails with malware attached to them.
Security awareness training
Making sure that your staff understand phishing, suspicious email content and password best practice is an excellent way to beat cyber crime. Make sure that they understand how their everyday computer use including what they disclose on social media, could affect the security of both their own personal details and the companies.
All businesses should implement a clear social media policy, highlighting what can and can’t be shared. Hackers occasionally send friend requests to garner more information on a company before the attack.
Encourage your team to question any suspicious emails or calls from colleagues, clients and suppliers without a fear of reprisal. The most effective phishing attempts are often hackers impersonating senior members of staff, knowing that employees will so what they are told with no questions asked.