Topics: Finance & Accounting Outsourcing
Posted on June 16, 2017
Written By QX Global Group
It always comes as a shock. Although cyber crime affects almost half of all the medium-to-large businesses in the UK, the first time your accounts department or your business is hit by hackers often comes as a rude shock. However, there’s no good excuse for a business that loses money or information to cyber criminals that are using known hacking or fraud techniques and there’s definitely more than one reason for businesses in the UK to be prepared for cyber attacks.
Accounts departments are often the top targets for cyber criminals. Successful hacking, social engineering or payment-fraud related attacks on accounts departments can be disastrous for the entire business. Not only can such an attack lead to the loss of money and sensitive information, but it can also tarnish the image of the business and damage its relationship with vendors and clients.
Here how accounts department can stop being the Achilles heel of the business and get ready to administer a kick in the heads of hackers and fraudsters.
Social engineering refers to email, phone call or another form of communication that pushes the recipient to share passwords, bank information or other sensitive data, or click on malicious links. Through a successful attack, the hacker can often get access to information that can be further used for stealing money or defrauding the business.
Solution
Phishing is the practice of sending emails that seem to come from a reputed source, with the intention of manipulating the recipient to reveal sensitive information. For example, someone from the accounts team may receive an email from a fraudster, masquerading as an authorised person or entity, instructing urgent transfer of funds to a particular account or demanding sensitive information like login credentials or accounts details. Often, spoofing techniques or similar-looking emails or numbers can be used to trick the recipients. Read an article outlining the common email scams for a deeper understanding of the topic.
Solution
The fraudster poses as a regular supplier and sends dummy invoices with details resembling the normal business invoices but with different bank details. He/she may also send a request for change of bank details via email or send a document on a letterhead requesting such changes. Sophisticated hackers may use phishing or social engineering techniques to gain sensitive information needed for launching this activity.
Solution
Malware is a malicious program and it can take different forms: viruses, worms, Trojan horses, ransomware and spyware. WannaCry, the ransomware that disrupted activities of the NHS recently, is an example of malware. The Information Security team is responsible for setting up protections against the malware, but accounts staff that is trained in detecting and avoiding malware can help blunt even sophisticated and innovative attacks.
Solution
Originally published Jun 16, 2017 08:06:40, updated Jul 29 2024
Topics: Finance & Accounting Outsourcing