How to keep cyber fraud at bay in 2023

event space shoreditch

In the wake of the pandemic, the traditional nine-to-five office workday has become a blur of remote or hybrid working.

 

On the whole, it’s fair to say we’ve all done pretty well in adjusting to this shift, but the new working world isn’t without its challenges. As we head into a new year, there’s a problem every organisation will face at one time or another: cyber attacks.

 

The global cost of cyber crime could reach $10.5 trillion (£8.6 trillion) annually by 2025, representing the greatest transfer of economic wealth in history. Unfortunately, for small and medium-sized enterprises (SMEs) without substantial resources or an incident response plan, suffering a breach is often impossible to recover from.

 

Nowadays, cyber security is really everybody’s business. So, what are the most common causes of cyber fraud — and what can you do to steer clear of them?

 

Unsecured networks and devices

 

The mass pivot to working on the move has come with many great benefits — but it can also expose unprepared companies to new cyber security risks.

 

For example, remote working makes it much harder to monitor data security management, especially when employees use personal devices to access corporate data, often on unsecure networks.

 

Unlike office-based systems, personal devices may not have security tools and protections like email filtering, firewalls and encryption. So, if your staff are working on the go without a secure network connection and log in to an unencrypted site, other users on the same network can see what they’re up to.

 

Seizing the opportunity, they could hijack a session and obtain valuable information that could put your business at risk — and invite unwanted attention from data protection authorities.

 

Securing your connection

 

Employers can provide secure access to devices and networks by deploying a virtual private network (VPN).

 

A VPN is a service that protects your internet connection and online privacy with an encrypted tunnel for your data, ensuring sensitive information and online activity stay hidden. There are loads of VPN apps available that make the process super easy to use and understand.

 

Unlike a coffee shop (or even an employee’s home), a good coworking space will also have the option of using a VPN along with other measures to help fight cyber crime — such as an individual network for each business using the space, a separate network for guests and a dedicated IT administrator or team to ensure all networks are set up securely.

 

It’s also worth finding a secure file-sharing platform that ensures your data is encrypted as it’s shared within your network and with third parties. And have you ever noticed the little padlock on your web browser? When locked, this icon indicates that the page you’re on provides a secure channel between your browser and the website’s server — a fact worth sharing with your teams.

 

Phishing attacks

 

Phishing is a social engineering scam that cyber criminals use to steal user data — including login credentials and credit card numbers.

 

Hackers will masquerade as a trusted entity (typically a bank) to dupe victims into opening spam emails or messages that include a malicious link. In just one click, an unwitting victim can invite a malware attack or freeze their system, allowing fraudsters to make an unauthorised purchase, empty bank accounts or conduct identity theft.

 

Spear phishing takes things one step further…

 

Commonly used to target a specific business or individual, hackers use clever spear phishing tactics to approach workers through emails that appear to be from a trusted sender. Such sneaky strategies make it hard to spot the warning signs — but there are a few red flags to look out for.

 

Recognising a scam

 

For the best chance at avoiding a phishing attack, you should:

 

  • Keep an eye out for incorrect spelling and bad grammar in communications.
  • Avoid clicking on links or downloading files from an unknown sender.
  • Look out for subtle differences in web addresses, logos and landing pages.
  • Question panic-inducing messages that demand ‘urgent’ action.

 

Human error

 

With 82% of all cyber security breaches coming from human error, it’s safe to say it’s one of the biggest security threats organisations face.

 

Typically, there are two categories of human error. The first is skill-based, involving an individual making a mistake completing a familiar task. The second is rooted in decision-making, with an individual’s misunderstanding of cyber risk leading to the compromise of sensitive data.

 

No matter how human error occurs, it can result in huge damages, so awareness of how to reduce the risks is essential.

 

Reinforcing your defences

 

Providing cyber awareness training and following IT security best practices can equip your employees with simple tools that’ll significantly reduce the risk of human error.

 

Password hygiene is a good place to start. Encourage employees to choose strong passwords that don’t include personal information and update them every three months or less.

 

If you’re able to splash out on some security software, implementing multi-factor authentication (MFA) can prevent 99.9% of password-related cyber attacks on your accounts. Even if a hacker has your login details, MFA requires users to input an authentication code or scan a face or fingerprint to gain access — providing an extra layer of protection.

 

By learning about common vulnerabilities and the small actions you can take to protect your accounts from cyber fraud, you can develop a culture of cyber awareness and deter hackers in 2023 and beyond.

 

Looking for a flexible office space with a secure, private network to work from in London? Check out our locations and request a quote to get started with The Brew today.