You’re Not Too Small to be a Victim of Cyber Fraud

We’re all aware that cybercrime exists and it’s a big problem. It’s so big, in fact, that the Office for National Statistics reports that cybercrime and fraud account for almost half of all national incidents of crimes. More than half of all fraud offences are cyber-related.

Despite these numbers, it’s easy to bury your head in the sand and imagine you’re not at risk. Don’t be fooled. The Cyber Security Breaches Survey 2017 carried out by the Department for Culture, Media and Sport revealed that 46% of businesses experienced a cyber breach or cyber attack between 2016 and 2017. Think about that for a moment. That’s nearly one in two businesses.

As someone involved in the finances of your organisation and whose daily work involves handling data invaluable to cyber fraudsters, it’s especially important to make sure you’ve done everything you can to protect your business against attacks. This has become even more important with GDPR since any data breach may instigate large fines, not to mention the reputational damage that can be caused to a business. This has prompted some business to investigate cyber insurance options or hiring external security consultants to provide a risk management appraisal.

So, what can you do?

Be aware of the risks

The first step is to face up to the risks and monitor how the landscape is changing.

Here are some of the concerns experts are currently highlighting:

• Improvements to the process of opening a new bank account to make it easier and quicker may result in greater vulnerabilities while glitches are ironed out.
• The Open Banking initiative has been designed to boost innovation in banking and make it easier for us to carry out financial transaction but it’s likely to increase the risk of data leaks too unless proper securities are in place.
• Chatboxes used by financial institutions to make life easier for customers are being seen by cyber criminals as particularly open to attack.
• Devices such as printers that harness the power of the Internet of Things are interesting targets, especially if those devices don’t have the proper online security protections and are used to store personal information or payment data.

But while the fraudsters get more and more sophisticated, that doesn’t mean you only need to watch out for the cutting edge.

Invoice phishing emails are still a frequent occurrence – some reports estimate every SMB loses £1,658 to invoice fraud each year. This blog offers insight into invoice fraud.

You don’t just face external data breach threats either. Business owners could be vulnerable from staff inside the organisation and offences such as expense fraud are depressingly common. This blog has more on the common expense scams to look out for. 

Other issues such as weak passwords and a lack of anti-virus software on unsecure computers connected to IT Systems, are also risks that can be addressed through some simple steps. For example, these steps can include staff awareness training, securing sensitive information, and using strong passwords. Ensuring software updates on operating systems and other critical software tools such as anti-virus software is installed is also vitally important. Cyber risks such as these can be reduced in both large organisations and smaller businesses by implementing these relatively low cost security measures.

Put steps in place to control risk

The modern world may present a wealth of opportunities for cyber criminals looking for sensitive data, but there are some sensible precautions you can take to mitigate against the risks these cyber threats pose.

The National Cyber Security Centre (NCSC) has put together a guide for small businesses that will help you improve cyber security in your organisation – and get back up and running quickly if you are a victim.

When it comes to spotting incidences of fraud, harness what technology has to offer. Concur Expense automates the expense process, making it easier to enforce your spending policies and giving you transparency and visibility. Concur Invoice helps you protect against invoice fraud – this case study explains how Devon Air Ambulance is protecting against fraud with automated checks in place. And like every reputable company offering technology solutions, we’re well aware of the risks businesses face and put security and data protection at the top our priorities.

The takeaways

When it comes to cybercrime and fraud, perhaps the most important thing to remember is that no business is too small to be a victim. And if no business is too small to be a victim, no business is too small to take steps to protect itself. So, how are you protecting your business?