The Importance of Being Vigilant on the Internet | Microbyte

The Importance of Being Vigilant on the Internet

Will Gott

Are we getting too comfortable with giving out our data these days? With the emergence of Chat GPT, everyone seems more than happy to share even more than they were before! People are giving more, because Ai is becoming ever more articulate and bespoke in terms of its response. We are all aware of cyber threats and internet fraudsters, but how many of us think along the lines of “this will never happen to me” or “I would know for sure if I received a dodgy link”?

Some real-life examples now have me thinking even harder about how serious the risk is, and how a single action from someone in an Accounts team could ultimately cost a business thousands of pounds.

Take a moment to consider your company assets. Do you have expensive laptops and mobile phones in your offices? Do you have valuable machinery in your warehouses? At night when you go home, do you leave your buildings unlocked for anyone to walk in and help themselves to these assets? Do you allow all of your staff access to every piece of equipment and machinery? I am sure you have procedures in place to secure your building, your stock and your other physical assets.

The same must be said for data

Here at Microbyte, we are constantly working internally and with our clients to ensure that data is as secure as possible. What I would like you to think about is what happens beyond that? What happens when a fraudster or spam emails bypass the security measures and allows someone to ‘walk’ into your business potentially accessing emails and bank accounts?

Before the days of internet banking, all we really had to worry about was someone getting hold of our chequebooks and writing a fraudulent cheque. It seems hard to believe that many years ago when I worked for a High Street bank, there would be one person responsible each day for checking all presented cheques over £1000 in value. Signatures would be checked and any unusual amounts or payees would be clarified with the account holder. At this point, the cheque could still be ‘stopped’ and the funds be reversed.

Today, with the advances in internet banking, we can send thousands of pounds at the click of a button, from our PCs, our phones and even our smartwatches. There is no recalling these payments, no stopping them and no reversing the transaction. It is so easy to do that perhaps we are less vigilant. Are we really thinking about the value of this payment and the potential loss to our company if something goes wrong?

If you have access to company bank accounts or sensitive information, you are holding the entire company cash assets in your hands. So, if you receive an accounting request you must be equally mindful of acting on this, even if you deal with the sender regularly. The person who is apparently sending the request may be a victim of hacking in their own right.

Imagine if you were paying someone a large amount of cash. Let’s say you have the arrangement to pay the owner of a business £25,000 for payment of their previous months’ invoices. You arrive at the business with your bag of cash and an unknown staff member greets you and says they have been asked to take the cash on the owner’s behalf.

Would you hand it over? I imagine not! So take a moment to think about what you would do if you received an email asking you to send a payment to a different bank account from the one you normally send to.

Fraudsters are regularly attempting to access mailboxes. Are you aware that just by clicking on a link, you are one step closer to enabling a hacker to gain access to your mailbox? They will then wait for the right moment to intercept a relevant email thread. There have been reports stating that emails from fraudsters advising of new bank details have been sent from genuine mailboxes.  Recipients have acted on this and subsequently sent money to incorrect bank accounts.

Within our Accounts department, we have procedures in place to significantly reduce the risk of this happening. We would never act on an email from anyone (even if it looked to have been sent from the business owner’s email address) asking us to send money to any other bank account other than the one specified on their invoices. Requests of this nature would always be followed up by a phone call to the business owner and unless we could positively identify him or her, we would not act on the request.

Do you have similar procedures in place?

I am sure you all will have at some point, received an email from a bank asking you to follow a link to reset/enter your password. Never ever do this. The emails are rarely (if ever) genuine. Media reports tell of hackers obtaining access to bank accounts in this way. Funds are moved quickly before anyone realises.

Please ensure that staff with access to bank accounts are fully aware of all such risks. Perhaps implement a procedure where you have dual access or limited access for certain staff members. Fraudsters are becoming more and more competent and are catching all IT users unaware. They are targeting us in so many ways and it takes just minutes for our bank accounts to be compromised once they have access.

Be wary also of internal spam – these are emails which seem to have come from a colleague containing payment requests. Do not act on these emails unless you are 100% sure this is genuine. You would be surprised at how genuine these emails can look – I have had several. Why not consider a procedure involving a payment requisition form which should be signed by an authorised member of your business?

Finally, please do stay aware of any data you provide whether willingly or accidentally, as you never know where it might end up.

Similar blogs

Transforming Oregon's Construction Industry with IT Support

Transforming Oregon’s Construction Industry with IT Support

In Oregon, one industry stands out as the backbone of the state’s economy: construction. Contributing $16.22 billion to the state’s GDP in 2023, up from $5.41 billion in 2021, the construction sector continues to grow and remains a vital part of the economy.  From housing estates and renovation projects to commercial spaces and urban redevelopment,…

Read More

Avatar photo

Why is IT support in Dubai so bad?

Why is IT Support in Dubai so bad?

With its impressive skyline, reputation for innovation and being at the forefront of tourism and international business, Dubai seems like the kind of place to have some of the best IT support in the world. Internationally connected and popular with businesses that are increasingly reliant on technology, the city is a tax-free, global expat dream….

Read More

Avatar photo

What is a Disaster Recovery Policy?

Recovering from a disaster requires proper planning. As the cliché goes, ‘Failing to plan is planning to fail’- a truism appropriate for incident responses in a business environment.  When critical business operations are under attack, having a disaster recovery policy is essential to establish the correct response. As a high-level strategic document, the policy informs…

Read More

Avatar photo

What is an IT Security Policy

What is an IT Security Policy

An IT security policy confirms the specific rules and correct procedures governing how employees and other parties may use the company’s IT resources. This type of policy details both what is expected and what actions are not allowed. Policies detail acceptable uses of IT technologies, controls limiting user access, accepted procedures, and the consequences for…

Read More

Avatar photo

A Guide to Responsible IT Asset Disposition

A Guide to Responsible IT Asset Disposition

IT asset acquisition requires careful consideration and post-purchase implementation. IT asset disposition (known as ITAD) involves the full lifecycle of an asset while owned by the business.   Every IT asset has a lifecycle. A home user might use a laptop for 4 – 5 years, but most companies expect a shorter lifespan. The equipment must…

Read More

Avatar photo

10 Important Questions to Ask Before Choosing a Managed Service Provider (MSP)

10 Important Questions to Ask Before Choosing a Managed Service Provider (MSP)

Having a reliable and efficient IT infrastructure is a huge asset to any business. Being able to rely on your technology and having professional support when you need it can set you ahead of the competition. As companies grow increasingly reliant on technology, Managed IT Service Providers (MSPs) offer an affordable, practical and efficient way…

Read More

Avatar photo