All Things Business Bedfordshire

orderForm.title

orderForm.productCode

orderForm.description

orderForm.quantity

orderForm.itemPrice

orderForm.price

orderForm.totalPrice

orderForm.deliveryDetails.name

orderForm.deliveryDetails.accountNumber

orderForm.deliveryDetails.phone

orderForm.deliveryDetails.poNumber

orderForm.deliveryDetails.email

orderForm.deliveryDetails.companyName

orderForm.deliveryDetails.billingAddress

orderForm.deliveryDetails.deliveryAddress

orderForm.deliveryDetails.deliveryDetailsDeliveryAddressSameAsBillingAddress

orderForm.deliveryDetails.address1

orderForm.deliveryDetails.address2

orderForm.deliveryDetails.city

orderForm.deliveryDetails.state

orderForm.deliveryDetails.postCode

orderForm.deliveryDetails.country

orderForm.deliveryDetails.additionalInformation

orderForm.noItems

competitors or using the insider information to make personal investments. According to data shared by the Office for

National Statistics, August 2020 showed 13.3 per 1,000 employees were made redundant or took voluntary redundancy. T e unprecedented events of 2020 meant many organisations across the country were forced to make employees or entire departments within their workforce redundant. Employees that have been made redundant or

are facing potential redundancy might be infl uenced to steal intellectual property, motivated by fi nancial gain, or to cause reputational and fi nancial damage to the organisation.

Phishing, whaling, and smishing attacks It’s no surprise that COVID-19 created long-term phishing tactics for cyber criminals. Pandemic- focused attacks exploited the heightened anxiety and fear felt by those throughout the pandemic. Phishing is the use of fake emails or shared links

to gather sensitive and confidential information about victims, such as: user names and login details and bank account details. Phishing can also be used to deploy vicious

malware onto computer systems. Barracuda reported a spike in COVID-19-related phishing attacks since the end of February 2020. 77% were scams, 22% were brand impersonation, 1% business email compromise. Whaling is similar to phishing but is targeted

and aimed at senior level staff within a business. For example, a CEO or Senior Executive may receive a fraudulent email from a trusted supplier, partner, or employee requesting a transfer of funds. Smishing is a phishing-style fraud carried out

using SMS. Common examples include text messages seemingly from HMRC ‘informing’ victims of tax refunds they are owed.

How to protect yourself against fraud T e diff erent types of fraud listed above are examples of how cyber criminals exploit the remoteness of individuals through the use of technology, involving unauthorised access to a business’s computer systems, or payments made to a fraudulent recipient, usually with the unintentional assistance from a member of staff . Alternatively, employees can pose a potential threat to the business via supply chain fraud or insider fraud. Because of this, it is essential for organisations to ensure that they monitor the activity of all employees while working from home. Organisations should introduce processes to identify any suspicious or threatening activity and that all employees are properly trained on the potential threats presented to the business and how to identify them during these uncertain times. Here are our recommendations, which will help to mitigate the risk

of fraudulent activity taking place in your business: - Ensure that remote access systems are patched and secure. - Have adequate security controls that are able to withstand distributed denial-of-service attacks. - Provide employees with guidance and training on potentially fraudulent activity such as how to avoid cyber security breaches and how to spot suspicious activity. - Agree on internal procedures and implement additional verifi cation procedures before making payments. - Ensure any electronic invoices are genuine by: contacting various individuals to validate the notifi cation; verifying the email address you have received the email from; sending a new email to a known contact rather than replying directly to the email received. - Ensure existing policies and procedures are eff ective and up to date. - Practise due diligence. - Monitor fi nancial controls and ensure that they are adequate.

For support and information on how to better protect your business and your staff from cyber threats, visit ACS Offi ce Solutions at www.acs365.co.uk or contact us on 01604 704000

ALL THINGS BUSINESS 21

Page 1 | Page 2 | Page 3 | Page 4 | Page 5 | Page 6 | Page 7 | Page 8 | Page 9 | Page 10 | Page 11 | Page 12 | Page 13 | Page 14 | Page 15 | Page 16 | Page 17 | Page 18 | Page 19 | Page 20 | Page 21 | Page 22 | Page 23 | Page 24 | Page 25 | Page 26 | Page 27 | Page 28 | Page 29 | Page 30 | Page 31 | Page 32 | Page 33 | Page 34 | Page 35 | Page 36 | Page 37 | Page 38 | Page 39 | Page 40 | Page 41 | Page 42 | Page 43 | Page 44