search.noResults

search.searching

note.createNoteMessage

search.noResults

search.searching

orderForm.title

orderForm.productCode
orderForm.description
orderForm.quantity
orderForm.itemPrice
orderForm.price
orderForm.totalPrice
orderForm.deliveryDetails.billingAddress
orderForm.deliveryDetails.deliveryAddress
orderForm.noItems
INFORMATION Don’t get harpooned by fraud


Also known as a whaling or an impersonation scam, CEO fraud is a sophisticated email phishing attack. Award-winning managed IT and communications provider Air-IT explains how to tackle this increasing cyber-threat. Typically, this form of cybercrime aims to trick an


employee by masquerading as the CEO of the business via email. Emails are often aimed at finance or accounts personnel – or those with access to banking details. Requesting an urgent bill payment or money transfer, many of these requests are met with success under the guise of supporting the interests of the business, or CEO.


INTERNAL WEAKNESS Sadly, this method of social engineering is effective because it plays upon our human tendency to trust and help others, as well as the desire to impress our superiors. Even if the request seems unusual, the recipient may be uncomfortable questioning the CEO of their business. Email impersonation is becoming more widespread


and poses a significant financial risk to companies. In a recent Government report, 32% of businesses surveyed said they had been the target of organisational impersonation. Action Fraud, the UK’s national fraud and cybercrime


reporting centre, stated that approximately £32m was lost by businesses to CEO fraud. Limited companies were most at risk - 52% of reports originated from this type of business. While these figures are shocking, clearly these messages and the tactics used within them can be convincing. Correct names, titles and spoofed email domains add authenticity, and content is cleverly written to avoid spam filters. Sam Reed, Chief Technology Officer at Air-IT, said:


“CEO fraud is on the rise but the primary defence against this type of attack is through employee education and by having clearly defined processes. Impersonation scams are highly dependent on the recipient taking action. With a clear understanding and awareness of this threat, employees can drastically reduce and limit the odds of any fraudulent emails succeeding.”


BEST PRACTICE AND AWARENESS Employees, particularly those responsible for banking, should be aware of the warning signs of fraudulent emails, such as domain name and header anomalies. This is a tactic used to copy the appearance of an email address and something a busy employee might miss. It also helps to tighten the process for approving financial requests and, finally, employees should not be afraid to check with their CEO if a financial request seems unusual. Better to be safe than sorry. As best practice, businesses should be using an


enterprise-grade anti-spam product to prevent attack.


WHAT ELSE CAN BE DONE? A layered approach to cyber security helps to win the battle, where several technologies are combined to improve your defence. Sam said: “Unfortunately, it’s very difficult


to safeguard against CEO fraud as emails are highly targeted and lack the traditional characteristics of spam in the sense that they’re malware free. This means many slip past spam filters unnoticed. “At Air-IT, we’ve invested in an industry-


leading solution, enabling our clients and end users to benefit from the very highest levels of protection and from a wide range of email-borne threats, including impersonation scams. It’s able to pick out the indicators of fraudulent email based on domain irregularities, sender spoofing and certain keywords. If any of these warning signs are detected, emails are marked as suspicious to alert the user, and can be followed up by our service desk team.”


REPORTING CEO FRAUD If you suspect you have been targeted by email impersonation, you should report this to your email or IT provider straight away. Do not reply or respond to the sender in any way.


If you should become victim to CEO Fraud, you should immediately report the crime to your bank, the Police and Action Fraud UK on 0330 123 2040.


‘A layered approach to cyber security helps to win the battle’


The future of security systems


Simon Morris MIET (pictured), Head of Design at Total Integrated Solutions (TIS), evaluates the security risks to company property and how to mitigate them.


The Commercial Victimisation Survey (CVS) estimates that across all sectors in 2015 there were 9.2m crimes against businesses, of which property-related crime contributed to 91%. These crimes range from theft and burglary to robbery and vandalism. So it’s no wonder that many insurance companies require security measures to be put in place by an NSI or SSAIB- approved installer as a pre- requisite to providing cover. There are several methods a building manager or owner can


utilise to reduce the risk of becoming a victim of these types of crime, and the decision of which to implement should be made following the production of a security risk assessment, carried out by a security professional or upon advice from their insurance company. Two methods of


mitigating risk are physical and active security. Physical security are the


measures put in place to physically bar persons from entering the building or site. Active security is an


electronic security system that


‘acts’ upon the detection of an intruder. These can be as simple as an automatic light, to the complex integrated security solution that links Access Control, CCTV, and intruder alarm systems together. Security systems have come a


long way from the barking dog and the padlock. We now have ‘smart’ technology that allows security systems to constantly analyse their surroundings and connect to a converged infrastructure to share information between other systems. With enhanced connectivity and smartphone access, never before


has so much functionality and autonomy been possible with the humble security system, and it’s not stopping there. Imagine what will be possible


when every electronic security device, from cameras and intruder panels to light fittings and maglocks, is connected to the internet. Far-fetched? Well that’s the basis of the ‘Internet of Things’ and we’re approaching it pretty quickly. We’ve already got internet- connected TVs, microwaves, washing machines, door bells and heating systems. Watch this space.


business network July/August 2017 51


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36  |  Page 37  |  Page 38  |  Page 39  |  Page 40  |  Page 41  |  Page 42  |  Page 43  |  Page 44  |  Page 45  |  Page 46  |  Page 47  |  Page 48  |  Page 49  |  Page 50  |  Page 51  |  Page 52  |  Page 53  |  Page 54  |  Page 55  |  Page 56  |  Page 57  |  Page 58  |  Page 59  |  Page 60  |  Page 61  |  Page 62  |  Page 63  |  Page 64