One thing that is sure to have crossed many people’s minds this month will be a vow to try and manage their finances a little better, especially now that the season of splurging is officially behind us. So what better way to spur us on to getting our finances fighting fit than a look at why a greater focus on cyber-security awareness, coupled with implementing the right policies and procedures, could work wonders for your company finances?
Think before you trust
A cyber security policy should be most evident in your accounts department. Anyone who is likely to receive payment requests and has the ability to fulfil them, needs to be aware of the tactics cyber criminals use and have a clear company policy to work within that will enable them to separate potential scams from genuine payment requests.
Financial scams have become particularly rife in the professional services sector - targeting solicitors and estate agents in particular - where significant transactions are often sent electronically and payments sent on behalf of a client to a bank.
It is this two-stage process that cyber criminals have found ways of exploiting. If they can intercept the original email detailing where and how much money should be sent, they will attempt to redirect the payment by sending a new email, seemingly from the same person, with ‘new’ bank details. It is this that has made it possible for cyber criminals to receive millions in wrongly transferred funds, and left many businesses facing a significant loss.
Keep things personal
Life may have been made easier in many respects with the introduction of technology, but technology is also easier to exploit. Emails may be convenient, but shouldn’t be automatically trusted. An email server could be shielding anyone. If a stranger approached you in everyday life and requested money on behalf of someone you trust, would you automatically believe them or would you check with the other person first?
If your staff have been authorised to deal with payments, it is their job to know when alarm bells should be ringing, but it’s your job to make sure they have the knowledge and awareness to know when something doesn’t seem right, and to encourage them to question it. They should be checking at every step that every detail is correct, especially when large amounts of money are at stake.
Our recommendation would be to advise your staff NEVER to rely on the information they see on screen. They should always speak with the recipient before sending a payment to double check the information in the email, using a number they’ve used to communicate before. This way, they can be sure that the payment is going to the right person.
It’s your responsibility as a business to set policies such as these and make sure that all of your staff understand and operate within them. Without them, your business could suffer serious financial losses: is it worth the risk?
To speak to an expert in cyber security for Yorkshire businesses about how we can help you with these policies, contact us.