Small Business Financial Article
Rich Best has spent 28 years in the financial services industry, as an advisor, a managing partner, directors of training and marketing, and now as a consultant to the industry. Rich has written extensively on a broad range of personal finance topics and is published on several top financial sites. Recent books include The American Family Survival Bible and Annuity Facts Revealed: What You MUST Know Before You Invest. | |
Preventing Cyber Fraud in Your BusinessAdvancements in technology make it easier to connect an ever-increasing number of people around the globe. Not only have advances in connectivity, speed, conveniences, and wireless payments made it much easier for individuals and businesses to conduct transactions, but they have also opened the door even wider for fraudsters to conduct their pernicious activities. As a result, an increasing number of businesses fall victim to malicious cyber intrusions, costing them tens of billions of dollars each year. Two of the more insidious fraudulent activities perpetrated by cyber thieves on businesses are ransomware attacks and account takeover schemes. Both are difficult to detect and prosecute. Ransomware Attack Cyberthieves have become highly adept at utilizing phishing attacks to lure email recipients into unleashing ransomware into a business’s network. The email looks legit, coming from a financial institution, a customer, or a colleague, when it’s actually a cyber trojan horse containing a malicious link or attachment. When an unsuspecting employee clicks on the link, it releases malware or ransomware that can encrypt a business’s data, rendering it inaccessible to the business. Users are stunned when a message appears claiming that their data has been captured and won’t be released until a ransom is paid. In many cases, the ransoms are small, ranging from $500 to $5,000, because most businesses would rather pay a small sum than expend the resources necessary to retrieve their data. Account Takeover Corporate account takeover can occur when fraudsters gain access to a business’s financial accounts to make unauthorized transactions. That could include transferring funds from the business, making purchases on the business’s credit accounts, adding fake employees to the business’s payroll, or stealing customer information. Cyberthieves Exploit Your Vulnerabilities Cyberthieves have been using the same points of entry to penetrate a business for a decade. They’re just getting much better at deploying more advanced technology to dupe their targets. According to Javelin Strategy and Research, the most common access points for cyber thieves are email and downloads from the Internet. Nearly half of crimes are initiated by opening an email attachment and clicking on email links. Over a quarter are perpetrated by downloading malware from a fake website. A common way for cyber thieves to extract account passwords is by installing keyboard logging software that can track everything you type on a keyboard. Fortifying Your Defenses While it may not be possible to thwart all cyber-attacks, businesses must ensure they are keeping up with the latest cyber security technology, such as data encryption, firewalls for all information portals, antivirus applications, and operating system updates. Businesses must continuously examine and assess possible weaknesses that could be exploited by anyone who wants unauthorized access to information and then review information security policies and procedures. Often a business’s first and last line of defense against cyber-attacks is its employees. Businesses must make employee education on preventing cyber fraud a cornerstone of their employee training and make a point of reviewing security policies at monthly, quarterly, and annual meetings. The more identity theft and cyber fraud are discussed and highlighted, the greater awareness all your employees will have of the potential risk. |