The Importance of Being Vigilant on the Internet | Microbyte

The Importance of Being Vigilant on the Internet

Will Gott

Are we getting too comfortable with giving out our data these days? With the emergence of Chat GPT, everyone seems more than happy to share even more than they were before! People are giving more, because Ai is becoming ever more articulate and bespoke in terms of its response. We are all aware of cyber threats and internet fraudsters, but how many of us think along the lines of “this will never happen to me” or “I would know for sure if I received a dodgy link”?

Some real-life examples now have me thinking even harder about how serious the risk is, and how a single action from someone in an Accounts team could ultimately cost a business thousands of pounds.

Take a moment to consider your company assets. Do you have expensive laptops and mobile phones in your offices? Do you have valuable machinery in your warehouses? At night when you go home, do you leave your buildings unlocked for anyone to walk in and help themselves to these assets? Do you allow all of your staff access to every piece of equipment and machinery? I am sure you have procedures in place to secure your building, your stock and your other physical assets.

The same must be said for data

Here at Microbyte, we are constantly working internally and with our clients to ensure that data is as secure as possible. What I would like you to think about is what happens beyond that? What happens when a fraudster or spam emails bypass the security measures and allows someone to ‘walk’ into your business potentially accessing emails and bank accounts?

Before the days of internet banking, all we really had to worry about was someone getting hold of our chequebooks and writing a fraudulent cheque. It seems hard to believe that many years ago when I worked for a High Street bank, there would be one person responsible each day for checking all presented cheques over £1000 in value. Signatures would be checked and any unusual amounts or payees would be clarified with the account holder. At this point, the cheque could still be ‘stopped’ and the funds be reversed.

Today, with the advances in internet banking, we can send thousands of pounds at the click of a button, from our PCs, our phones and even our smartwatches. There is no recalling these payments, no stopping them and no reversing the transaction. It is so easy to do that perhaps we are less vigilant. Are we really thinking about the value of this payment and the potential loss to our company if something goes wrong?

If you have access to company bank accounts or sensitive information, you are holding the entire company cash assets in your hands. So, if you receive an accounting request you must be equally mindful of acting on this, even if you deal with the sender regularly. The person who is apparently sending the request may be a victim of hacking in their own right.

Imagine if you were paying someone a large amount of cash. Let’s say you have the arrangement to pay the owner of a business £25,000 for payment of their previous months’ invoices. You arrive at the business with your bag of cash and an unknown staff member greets you and says they have been asked to take the cash on the owner’s behalf.

Would you hand it over? I imagine not! So take a moment to think about what you would do if you received an email asking you to send a payment to a different bank account from the one you normally send to.

Fraudsters are regularly attempting to access mailboxes. Are you aware that just by clicking on a link, you are one step closer to enabling a hacker to gain access to your mailbox? They will then wait for the right moment to intercept a relevant email thread. There have been reports stating that emails from fraudsters advising of new bank details have been sent from genuine mailboxes.  Recipients have acted on this and subsequently sent money to incorrect bank accounts.

Within our Accounts department, we have procedures in place to significantly reduce the risk of this happening. We would never act on an email from anyone (even if it looked to have been sent from the business owner’s email address) asking us to send money to any other bank account other than the one specified on their invoices. Requests of this nature would always be followed up by a phone call to the business owner and unless we could positively identify him or her, we would not act on the request.

Do you have similar procedures in place?

I am sure you all will have at some point, received an email from a bank asking you to follow a link to reset/enter your password. Never ever do this. The emails are rarely (if ever) genuine. Media reports tell of hackers obtaining access to bank accounts in this way. Funds are moved quickly before anyone realises.

Please ensure that staff with access to bank accounts are fully aware of all such risks. Perhaps implement a procedure where you have dual access or limited access for certain staff members. Fraudsters are becoming more and more competent and are catching all IT users unaware. They are targeting us in so many ways and it takes just minutes for our bank accounts to be compromised once they have access.

Be wary also of internal spam – these are emails which seem to have come from a colleague containing payment requests. Do not act on these emails unless you are 100% sure this is genuine. You would be surprised at how genuine these emails can look – I have had several. Why not consider a procedure involving a payment requisition form which should be signed by an authorised member of your business?

Finally, please do stay aware of any data you provide whether willingly or accidentally, as you never know where it might end up.

Similar blogs

Benefits of Copilot for Microsoft 365

Benefits of Copilot for Microsoft 365

Copilot is an Artificial intelligence (AI)-based tool to enhance creativity and time efficiency. Benefits of using this ChatGPT AI technology – Microsoft is an investor in the business – do not stop there. Depending on the version used, the interface generates useful responses based on meaningful inputs. Microsoft announced Copilot for Microsoft 365 and first…

Read More

Avatar photo

Microsoft Authenticator vs Google Authenticator

Microsoft Authenticator vs Google Authenticator

Our digital lives in 2024 are increasingly complex. Effective security is essential to ensure nothing nefarious occurs. Manual password entry creates the risk of ‘shoulder surfing’ or other surreptitious methods used to discover your security information. Using two-factor authentication (2FA) or multi-factor authentication tools (MFA), such as Google Authenticator or Microsoft Authenticator mobile apps, substantially…

Read More

Avatar photo

Moving from Internal to Outsourced IT Support

Moving from Internal to Outsourced IT Support

Having reliable IT support is one of the most crucial parts of any modern business. Whether it’s tackling minor software glitches, protecting against cyber threats, offering a seamless experience to customers, or simply ensuring a smooth workflow for employees, an effective IT support system is the backbone of any business. But the game is changing….

Read More

Avatar photo

The Business Benefits of Cyber Essentials Certification

The Business Benefits of Cyber Essentials Certification

As IT continues to dominate and dictate international business, fortifying digital defences is paramount. Protecting your business from the devastating consequences of a cyber security breach should be a number one priority for every business.  The good news is that obtaining a Cyber Essentials certification is a simple and easy step to help protect against…

Read More

Avatar photo

Improve Your IT Helpdesk With SOPs

Improve Your IT Helpdesk With SOPs

As technology continues to drive businesses around the world, the role of IT helpdesks has evolved into a pivotal force, serving as the central point for user support and technical issue resolution. With organisations increasingly reliant on intricate digital infrastructures, the efficiency of IT helpdesks becomes paramount in ensuring seamless operations. Enter Standard Operating Procedures…

Read More

Avatar photo

A guide to switching IT Support Provider

A guide to switching IT Support Provider

The relationship between a business and its IT support company is a close one. With IT at the centre of almost every business, responsible for daily operations, goals, plans, feedback, data storage and communication, the right IT partner can be the driving force behind a company’s success. But as your business evolves, it’s essential to…

Read More

Avatar photo