Access to the internet is now second nature for those of us working online every day. It has fast become a business imperative to connect to customers, transact business and network across geographies and industries. Likewise, a concern for individuals and companies operating online is keeping sensitive data and information secure from cybercriminals and hackers.
Supporting customers with security
The day to day impact of cybercrime has become a fact of life and a permanent reality for businesses. We continually remind our customers – small businesses, accountants and bookkeepers – to take precautions to keep their data safe from hackers. Like a hospital is charged with protecting patient security, businesses operating online need to take measures to ensure they and their customer data are safe online, and they understand how they can become a target.
Ways to be aware of scammers
It is important to be aware of how scammers look for a way in. It might be via hacked email accounts, which are then used to send out fraudulent invoices that look just like the real thing, but with a fraudulent payment bank account number. Or through a phishing email, to gain access to information like usernames and passwords, credit card details, and bank account numbers. These sophisticated scams may even send a bogus invoice email containing links and attachments that deliver malicious software to your computer, such as ransom-ware, password stealers, or remote access tools (RATs) to take control of your desktop.
Another scam to be aware of is that of account takeovers, where businesses have sensitive customer information stolen because their system is accessed following the theft of their login credentials (username and password). This information is sometimes obtained by hackers using phishing, malware or taking login credentials stolen from one website and testing them against other websites to see if they work there too. This is called ‘credentials stuffing’.
Advice for staying safe online
Here are some simple, easy-to-implement tips for better protection:
- Always use strong, unique passwords for each site or service you log in to, and never share passwords. Having a unique password helps prevent a compromise of one login becoming a compromise of many. Password-safe software can help you manage your multiple logins.
- Use two-factor or multi-factor authentication (2FA/MFA) wherever this is available. This is particularly important for your email account, which is usually the means to reset your passwords for other sites.
- Update anti-malware (anti-virus, anti-spyware) software. It is one of the easiest and most effective things you can do to protect yourself.
- Keep all of your software up to date with security patches.
- Make sure your data is backed up regularly, and backup copies are kept separate to the source systems.