Many businesses have had to adapt to new working practices because of the Coronavirus (COVID-19) pandemic and as such, has resulted in a huge increase in virtual communication such as emails, phone calls and online communication. The reduction in face-to-face meetings and discussions means that dealing with suppliers, customers, banks and other organisations all becomes a faceless exercise that is based on trust that you are dealing with the right person on the other end.
Scammers have been taking advantage of this. We’ve seen a variety of cases where fraudsters are calling businesses pretending to be from their phone or internet provider, claiming to be their bank or even, just a retailer. Their efforts appear to know no boundaries in the desire to fool people and businesses. Often, these individuals will directly ask for payments to be made. We have also seen requests for individuals to download software that then gives them control of that staff member’s device. Some of the well thought out attacks have focused on taking control of genuine email addresses and used them to request payments, therefore, making it more difficult to spot the signs of a scam.
With this in mind, it is now even more important to have strong, clear processes in place to ensure the security of your data and finances.
Could you spot a scam?
Even if you know all the hallmarks and what to look out for, with ever-more sophisticated ways to access your data, scams are getting harder to spot. If a fraudster called or emailed you or a member of staff pretending to be a known supplier, would you know it was a scam? They might even contact a staff member pretending to be you. For example, how can you tell if this email’s genuine?
Steps & Processes to Assist
To help you and your co-workers spot these scam attempts, here are some useful tips on the steps and processes you should consider. Remember – it is good to have a healthy level of suspicion!
- If you get an unexpected email that asks you to click on a link or attachment, do not do it! Even if the sender seems familiar and even if it appears to be coming from a known email address, it could be fraudulent. Instead, contact your IT support to verify the source. If that’s not possible then speak to the sender to verify the request.
- When someone calls unexpectedly, don’t give them any information like personal details, bank details or PINSentry codes. If that information is needed, then you can call the official organisation back and be transferred to the person that needs the details if they are legitimate.
- Never download any software onto your device on the instruction of someone you don’t know. Fraudsters can use this to access or trace your machine, allowing them to gather all sorted of personal information and access details. Work with your IT team to ensure that the download needed is genuine and you are dealing with someone you know.
- Have a payment-checking process in place. For example, if you receive a request to update the bank details you have on file or get new bank details for a payment, confirm this by calling that person or organisation using details you already have, and not those provided in the request. You should also do this with requests from anyone within your own organisation.
- Have secure IT policies in place, such as having strong passwords, using a VPN (virtual private network) when working from home, and using an extra layer of authentication for email and payment processes (such as a unique code texted to your mobile). Make sure these security measures are tested regularly too!
- Make sure you and all your staff, regardless of their role, are made aware of the scams that are circulating and the risks they pose. If just one member of staff makes an honest mistake it could extremely damaging. Every individual is part of the first line of defence against these scams.
- Speak to your IT team and stage fraud awareness sessions to spread the knowledge and information.
Get in touch to see where we can help – 01223 901 900
The common message in all of this is to be suspicious, the best protection against all these attacks comes from awareness and education. If all users have that level of knowledge and caution, then they will know what to look out for and potentially prevent anything happening.
If in doubt, then don’t click or respond
Our team are here and available to help if required, feel free to get in touch. Cambridge Support Helpdesk team on Helpdesk@CambridgeSupport.com or 01223 901 900 and let’s see what we can do to help!