Fraudsters take aim with a more targeted approach
Fraudsters are increasingly using more elaborate methods to gain access to information and money from organisations, and at 4Cambridge we have seen a number of clients come under attack in recent months.
Phishing is the attempt to obtain sensitive information such as usernames, passwords and credit card details for malicious purposes (often, but not exclusively, financial gain). Historically, phishing emails were easy to identify by their poor-quality images or obvious spelling mistakes. Today, however, they are often difficult to spot. They are also much more targeted, frequently addressing staff by first name. In some cases the fraud starts with a telephone call to collect background information before the attackers send any email.
Many phishing emails look innocent, such as a fake Amazon purchase confirmation or a Dropbox file-sharing invitation. Clicking the links can trigger the installation of viruses or other malware on your computer, potentially infecting not just your PC but any others on the same network.
One of the most common forms of attack is ransomware. This is a program that encrypts the files on your PC and then demands a ransom to get them back. Once triggered, the program works away in the background without any obvious sign of what is happening until it is too late. Needless to say, even if you pay up, the chances of getting your files unlocked are very slim.
“CEO fraud” in particular has been one of the most successful phishing variants of the last year: emails pretending to come from a director or senior manager are sent to the finance team asking for an urgent payment to be made to a supplier. Finance teams are often reluctant to query or challenge the request, and the result is that the payment is made to the fraudsters.
Similarly, we have also seen a number of supplier transaction frauds. The most common of these involve requests to change the payment details of existing suppliers, or fake invoices for goods that have not been delivered. Again, the fraudsters often already know the names of suppliers and choose their targets accordingly.
Key actions to protect yourself and your organisation:
- Ensure you install the latest security patches and updates for your computer (ideally set this to happen automatically or be centrally managed).
- Ensure you are using appropriate antivirus software and that it is kept up to date.
- If you receive an email with links or an attachment that you are not expecting, delete it.
- If you receive an email requesting information or payment that seems in any way unusual, check by telephone or another independent channel that the request is genuine.
- Be cautious about what information you give out over the phone, particularly to unsolicited calls.
- Ensure you have good processes for when you receive requests for changes to payment details (such as telephoning your supplier to confirm that the request is genuine).
- Ensure you have a backup of all your files and that it is kept offsite. That way, if you are hit by ransomware, you will be able to recover your files safely.
- Train your staff on the fraud risks in their role and make sure they know what to do if they suspect something may be fraudulent.
- If you believe that your computers may be infected with a virus or malware, seek professional IT advice to get your systems fully checked out and cleaned.
Consider reviewing your security setup and working towards an accreditation such as the government-backed Cyber Essentials scheme. Whilst this does not guarantee protection, it does ensure that you reduce the risks, and it helps to raise awareness of the issues within the organisation.
The IT team here at 4Cambridge can advise on ways to protect you and your business against fraud. Please contact Jon Stanton at firstname.lastname@example.org for more details.