By Sara Ametrano
Fraud isn’t a crime that only targets individuals. Some scammers set their sights on businesses. Is yours prepared for a potential attack?
As technology continues to evolve and our reliance on it grows, so does our vulnerability to being hacked. In fact, the FBI reports that there are roughly 4000 cyber-attack attempts in the US every day.
On a global scale, 2018 saw the creation of 245 million new viruses, with over 680,000 created each day. The Ponemom Institute reported that 54 per cent of companies experienced one or more successful attack last year. The year before, the Canadian economy took a hit of 3.1 billion, as recorded by the Canadian Chamber of Commerce.
To truly grasp the magnitude of cyber fraud, Trisura Guarantee spoke with IT Weapons’ director of marketing and communications, Jeremy MacBean.
We asked MacBean what the most common error leading to these costly attacks is. “It’s in between the keyboard and chair – the people,” he revealed. “User awareness is the primary threat vector. That represents the biggest risks. It’s safe to say the majority of cyber-attacks begin with people clicking things they shouldn’t.”
Let’s take a look at some of the main types of scams that can impact businesses:
Who’s at risk? Employees who work closely with a CEO or whose jobs include financial responsibilities are most at risk.
In this type of scam, someone is impersonating the CEO through email. These messages typically have a sense of urgency to them and are labelled “confidential.”
A CEO scam can cost businesses anywhere from tens of thousands to millions of dollars.
Who’s at risk? Company size doesn’t matter; any organization can find itself on the receiving end of a potential scam.
For these scams, there are a few different approaches the fraudster can take.
Directory: Here, the attacker sends your company a proposal for an advertising opportunity. First, the fraudster gathers the details needed to execute the crime. Then, he or she sends an invoice to the accounting department, who are unaware that the service was never approved.
Health and safety products: In this type of scam, you may receive a telephone call from the scammer. He or she impersonates a government official, informing you to quickly update your first-aid kits and health and safety training.
Office supplies: For this scam, the attacker will send over items the company didn’t order and then bill the business for them.
Phishing and smishing scams:
Who’s at risk? All employees. Phishing emails and smishing text messages appear to be sent from an authorized organization. They often use a similar tone and the logo of organizations you trust to trick you into providing personal information.
Fraud is an ongoing issue with new cyber viruses created and spreading daily, and different angles for attack. MacBean offers some helpful tips for individuals and businesses to protect themselves and their company as much as possible:
- Identifying the sender of an email is critical. To do this, hover your mouse over an email or URL to see what it links to;
- Think before you click;
- Do not click any attachments;
- Installing antivirus and antimalware can help pre-scan.
- Regular user awareness training;
- Regularly reminding staff to be vigilant;
- Regular training and possibly issuing a test phishing email quarterly or bi-annually.
To learn more about protecting your business against cyber fraud, click here.