Online fraud is once again in the spotlight today as the Government announces a new national advertising campaign aimed at educating the public. The Stop! Think Fraud campaign comes at the same time businesses are again being bombarded by fake HMRC emails.
The latest seen by us here at SME UK, is among the most genuine looking with seen. The subject line: ‘VAT Period Changes’ includes your name and unlike many phishing emails, there’s no obvious spelling mistakes. The graphics also look realistic. So, how can you protect yourself from falling for a fraudulent email and potentially giving your data to criminals? Here’s 5 ways to ensure your business doesn’t become another statistic…
Understanding online scams
Before we delve into prevention strategies, it's important to understand what online scams are and how they operate. Online scams come in various forms, each designed to deceive businesses into parting with their money, sensitive information, or both. These scams can range from phishing attempts, where scammers impersonate legitimate entities to steal information, to ransomware attacks that lock businesses out of their own data until a ransom is paid.
Types of online fraud
Phishing: One of the most prevalent online scams, phishing involves sending fraudulent emails or messages that appear to be from reputable sources, like the HMRC example above. The goal is to trick recipients into providing personal information or login credentials, in this case, clicking the ‘Access Now’ button.
Ransomware: This type of malware blocks access to a victim's data, demanding payment to restore access. SMEs are often targeted due to perceived weaker cybersecurity measures.
Invoice Fraud: Scammers pose as suppliers or service providers and send fake invoices requesting payment. Unsuspecting businesses may pay these invoices without realizing the fraud.
5 Strategies to avoid being scammed
- Educate your team:
The first line of defence against online scams is a well-informed team. Regular training sessions on identifying and responding to potential scams can significantly reduce the risk of falling victim to them. In the HMRC example, clicking on the sender in address bar would have revealed a suspicions sender, something a human could easily spot.
- Implement strong cybersecurity measures:
Use good quality antivirus software, firewalls, and secure networks to protect your business's digital assets. Strong, unique passwords and two-factor authentication add an extra layer of security.
- Always verify requests for money transfers:
Always double-check requests for payments, especially if they're unexpected or from new contacts. A quick phone call to the requester can verify the legitimacy of the request.
- Regularly update and backup data:
Keeping software up to date and regularly backing up data can prevent loss in the event of an attack. Cloud-based backups offer an additional layer of security.
- Use secure payment methods:
Opt for payment methods that offer fraud protection. Encouraging customers to use these methods can also enhance their confidence in your business.
Tools and resources
There are many tools and resources available to SMEs to bolster their defences against online scams. A good place to start is the small business guide on National Cyber Security website here.
