The rise of fraud means it’s more important than ever to be ‘security aware’ both personally and in business – here are some pointers to protect against cybercrime:
1. Financial paperwork
Cyber crime is rife in banking and credit cards, so diligence is imperative. Up to date tech helps in business: for example, some modern accounting packages offer secure check facilities where checks generated are tamper resistant and more or less impossible to forge with features such as embedded holograms.
Statements and bills can offer fraudsters opportunities in terms of account numbers with full postal addresses, so file them safely or consider paperless billing.
2. Bogus phone calls
Beware of callers claiming they’re from your bank or other financial institution you deal with asking for your security details on the premise they’re checking a so-called security breach – especially if they’re asking you to move money.
Genuine bank or credit card company staff don’t ask for PIN numbers and other sensitive information over the phone.
If you receive a phone call like this, terminate it and contact your bank to see if the original call was genuine and follow these other tips.
3. Identity theft
A rising fraud activity; some burglars are only interested in finding something with your full name and address details on it, or your computer purely for the information it holds about you.
Be aware of the following:
- Shred any papers showing your personal information even if it’s just your name and address
- Be very wary of any letters, phone calls or emails purporting to be from your bank requesting personal details and passwords
- Don’t reply to unsolicited emails even if removing yourself from their mailing list; it’s a sign your address is ‘active’ and you’ll simply receive moreIgnore mailings telling you you’ve won a lottery or competition you know you didn’t enter
-
4. IT fraud
A common fraud method as they rely on some organizations’ security vulnerabilities such as out of date software and the same passwords being used for months on end.
They also bank on some staff cutting corners and not being aware of the online threats.
To combat both, organizations should ensure their IT infrastructure is up to date with the latest software and that passwords are changed regularly. Staff should be made aware of good security procedures and trained and retrained regularly.
5. Password policies
Following on from the above, ensure password security as follows:
- Change them regularly – 60 to 90 days minimum
- Set house rules – for example, insist that passwords are a certain length and contain at least some numbers and upper case characters
- Levels of access – passwords should only allow access to relevant levels of the IT system
- Sharing – insist no-one shares their password with anyone else at all
-
6. Email fraud
A popular method is ‘phishing’ where an email supposedly from a bank or other company asks you to click a link or phone a certain number.
These are nearly always bogus – check for the following:
- Your bank and other organizations you deal with will usually use your name
- They wouldn’t ask you for passwords or other sensitive information
- They’re unlikely to ask you to ‘click this link’
If in doubt contact your bank or whoever the email is from using the number you have for them, not the one on the email.
7. Staff anti-fraud education
Training your staff in good security measures when using IT systems and guarding company information is important.
It’s also vital to ensure ‘refresher’ training is conducted as threats can change as tech and business practices evolve.
8. Employee background checks
Because many staff these days are accessing IT systems and are privy to sensitive customer data, conducting pre-employment background checks is good business practice.
Along with cyber crime and helping staff stay secure when using IT, staff should be trained in how to spot counterfeit money, checks and stolen credit cards if they’re involved in financial transactions.
9. Monitoring
While not wishing to suggest to staff you don’t trust them, a degree of surveillance is worth considering such as in, say, areas where valuable goods or money is handled. A CCTV security system could be considered – this also guards against possible customer fraud and theft.
10. Review paperwork
Especially in larger organizations, it’s possible for fraudsters to ‘try their luck’. For example, there may be invoices from bogus vendors or forged purchase orders supposedly from your company, and some contractors may bill for work they never actually did or over-bill for work done.
These rely on organizations dealing with mountains of paperwork not being diligent when checking and can cost industry millions – as does other fraud.