This new crisis of Covid-19 presents a number of unforeseen challenges to companies, with many needing to create a new standard for working remotely, or where this is not possible the requirement becomes to seek funding, reduce employee numbers/hours or close temporarily.
One of the more unexpected challenges of this time is the resurgence of cybercrime. Cyber criminals tend to utilize major news events as an opportunity to mount a criminal campaign and the Covid-19 crisis is no different. This campaign can take many forms. One of the most common at present being the false emails issued regarding a change of banking details, luring the receiver into issuing payments to the wrong account at what is already a deeply difficult time for companies.
Des Ryan, solutions director for Microsoft Ireland has explained this new resurgence is an attack of opportunity as cyber criminals tend to prey on events which may weaken the defences of a business, in this case the shift to remote working situations.
“Cyber criminals are opportunistic […] we are definitely seeing Covid-19 related attacks as attackers are just using this to find the weak link.”
It is also suggested that cyber criminals are merely adapting their usual tactics to profit from the current crisis. The current breed of cyber criminals is known for sending false emails detailing a change of bank details or requesting a change to Revolut (which would ensure that the funds are transferred with immediate effect). There have also been a number of fake charity accounts set up purporting to benefit the current Covid-19 crisis. These criminals are preying on companies who may not have been prepared to work remotely and have had to set up a temporary system quickly and without training and protection in place and targeting staff members who are now outside of their comfort zone and possibly distracted with their surroundings. Utilising personal laptops and phones etc. may also be a point of weakness as these will not be as secure as those in the workplace.
Many are already feeling the strain of this current atmosphere of anxiety and so it seems We are all protecting our staff health during this time, but how can we protect the digital health of our business at what is already an intense time?
- Consider setting staff up with work laptops and phones where necessary. This will ensure that the devices are as protected for home use as they are within the office environment. Having equipment to hand that requires multi-step authentication will provide extra security.
- Where possible, if a work laptop is not issued, staff should try to ensure that the computer is used only for their work during this time if they deal with sensitive information.
- Online security training may be a good way for staff to utilize this possibly quieter time to upskill.
- Remember and remind your staff of the basics of verifying the origin of an email or phonecall before dealing with any bank details. Often, false emails can be incredibly convincing until you hover over the email address and notice that it isn’t correct.
- Ensure that all staff are aware of these targeted campaigns and are extra vigilant when dealing with any bank details or personal details.
We hope that this information will be of benefit to you and your company and that you and your staff are staying healthy and well in these difficult times. We are as always available should you require any advice or guidance on any business of financial matters.