Access to the internet is now second nature for those of us working online every day. It has fast become a business imperative to connect to customers, transact business and network across geographies and industries. Likewise, a concern for individuals and companies operating online is keeping sensitive data and information secure from cybercriminals and hackers.
The day to day impact of cybercrime has become a fact of life and a permanent reality for businesses. We continually remind our customers – small businesses, accountants and bookkeepers – to take precautions to keep their data safe from hackers. Like a hospital is charged with protecting patient security, businesses operating online need to take measures to ensure they and their customer data are safe online, and they understand how they can become a target.
It is important to be aware of how scammers look for a way in. It might be via hacked email accounts, which are then used to send out fraudulent invoices that look just like the real thing, but with a fraudulent payment bank account number. Or through a phishing email, to gain access to information like usernames and passwords, credit card details, and bank account numbers. These sophisticated scams may even send a bogus invoice email containing links and attachments that deliver malicious software to your computer, such as ransom-ware, password stealers, or remote access tools (RATs) to take control of your desktop.
Another scam to be aware of is that of account takeovers, where businesses have sensitive customer information stolen because their system is accessed following the theft of their login credentials (username and password). This information is sometimes obtained by hackers using phishing, malware or taking login credentials stolen from one website and testing them against other websites to see if they work there too. This is called ‘credentials stuffing’.
Here are some simple, easy-to-implement tips for better protection: