Cyber-attacks: what to look out for and how to avoid them

In recent months we have seen a significant increase in the number of cyber-attacks and payment fraud, invoice hijacking, and other social engineering scams are affecting a growing number of UK businesses.

At the sharp end, as brokers we are managing a growing number of Cyber insurance claims and the frequency with which these are being reported is alarming. It is apparent that any business could suffer a loss as many attacks are untargeted and the proliferation of malicious software spreads without agenda.

Below, we look at the common types of cyber-attacks we have seen recently, what to look out for and what you should do in the event of a cyber-attack.

Ransomware

Ransomware and business email compromise are the dominant issues for UK businesses based on what we are seeing, and this is happening to SME and mid-market companies with increasing regularity. Every business is digitally dependent, and we have seen serious attacks on construction, manufacturing, and distribution businesses. Our expert team have therefore put together the attached content to help you remain vigilant for a cyber-attack.

Look for emails with:

• Urgent action demands
• Poor grammar and spelling errors
• An unfamiliar greeting or salutation
• Requests for login credentials, payment information, or sensitive data
• Offers that are too good to be true
• Suspicious or unsolicited attachments
• Inconsistencies in email addresses, links, and domain names
• Requests to click on Hyperlinks in the email to access portals or ‘your account’

What you should do:

• Report the email to your company IT team/support
• Report to your insurance broker and make sure you have a Cyber/Crime policy
• Check with the purported sender – phone, do not hit reply
• If in doubt, delete!

Social Engineering

The sophistication of social engineering and payment fraud scams is also alarming with many businesses falling victim with some suffering some very substantial payment losses. Some losses have been because of the supplier's systems being compromised and legitimate orders intercepted and then requests for new/changed payments being requested – referencing the new order.

Look for emails with:

• Requests to make immediate payments following orders
• Changes to usual payment timelines
• Requests to change to bank/BACS payment details
• Any guidance that a business/supplier has changed bank
• Unexpected queries around refunds/overpayments

What you should do:

• Verbally verify that the payment request is legitimate
• NEVER call the number on the correspondence/invoice in question, always use the number on file
• Formalise a process/protocol for employees to follow for payments
• Control payment authorisation so that two people need to approve
• Regularly communicate the process around payment fraud and record that this has been issued
• Ensure that you roll-out some awareness training
• Report to your insurance broker and make sure you have a Cyber/Crime policy

Curious about your business’s cyber risk?

To understand more about the threats your business could face in the future, request a complementary KYND report. Our specialist team will provide you with understandable insights into the threats your business faces.