Cyber Crime Threats To Remote Workers & Business Security

 

As most businesses continue to be locked in the grip of the COVID-19 emergency, efficient business security is crucial to protect premises, people and assets. We have seen a significant increase in incidents, alarms and requests to protect unmanned premises 24/7 from ‘physical threats to business security. Physical security threats are one thing, but many businesses and their staff are being blind-sided by online cyber attacks during the lockdown too.

During the COVID-19 emergency there has been a surge in cyber attacks on businesses, remote workers and individuals. A recent report by the BBC, entitled ‘Coronavirus: How hackers are preying on fears of Covid-19’ states that security experts say the spike in email scams linked to coronavirus is the worst they have seen in years.

What does this mean for UK businesses? 

According to a just-published report from the Centre for Economics and Business Research (CEBRE), cyber attacks are costing UK firms an ‘eye watering’ £34 billion.

Hackers are jumping at the chance to take advantage of the current situation and are launching attacks against unsuspecting victims. Since January, more than 4,000 coronavirus-themed web domains have popped up. It’s suggested that around 5 per cent of these are suspicious and 3 per cent malicious.

The websites would likely be used as part of email campaigns to lure victims to click on dangerous links. Cybersecurity firms are reporting a notable increase in attacks against a range of targets, all using the ongoing COVID-19 pandemic as a hook to trick their victims into running malware or harvesting personal details.

cyber business security

The above email from HMRC GOV.UK looks real at first glance doesn’t it? It’s not though, this is just one in the stream of over 200 COVID-19 related phishing emails and scams that have been reported by Action Fraud (National Fraud & Cyber Crime Reporting Centre) costing £970k in losses.

Phishing explained


The National Cyber Security Centre (NCSC) gives this explanation: “Phishing is when criminals try to convince you to click on links within a scam email or text message, or to give sensitive information away (such as bank details). Once clicked, you may be sent to a dodgy website which could download viruses onto your computer or steal your passwords.

Given the current coronavirus (COVID-19) situation, cyber criminals are sending emails that claim to have a ‘cure’ for the virus, offer a financial reward, or encourage you to donate. Like many phishing scams, these emails are preying on real-world concerns to try and trick you into clicking.

These scam messages (or ‘phishes’) can be very hard to spot and are designed to get you to react without thinking.

How to spot fake emails


Action Fraud, the National Fraud & Cyber Crime Reporting Centre suggest that fake emails often (but not always) display some of the following characteristics:

• The sender’s email address doesn’t tally with the trusted organisation’s website address.

• The email is sent from a completely different address or a free web mail address.

• The email does not use your proper name but uses a non-specific greeting like “dear customer”.

• A sense of urgency; for example, the threat that unless you act immediately your account may be closed.

• A prominent website link – these can be forged or seem very similar to the proper address, but even a single character’s difference means a different website.

• A request for personal information such as user name, password or bank details.

• The email contains spelling and grammatical errors.

• You weren’t expecting to get an email from the company that appears to have sent it.

• The entire text of the email is contained within an image rather than the usual text format.

• The image contains an embedded hyperlink to a bogus site.

What to do if you’ve already clicked

cyber security

If you’ve already clicked a link (or entered your details into a website), take the following steps:

• If you’re using a work laptop or phone, contact your IT department and let them know.

• If you’ve been tricked into providing your banking details, contact your bank and let them know.

• If you think your account has already been hacked (you may have received messages sent from your account that you don’t recognise, or you may have been locked out of your account), refer to NCSC’s guidance on recovering a hacked account.

• Open your antivirus (AV) software if you have it and run a full scan. Allow your antivirus software to clean up any problems it finds.

• If you’ve provided your password, change the passwords on all your accounts that use the same one.

• If you’ve lost money, tell your bank and report it as a crime to Action Fraud (details below) the UK’s reporting centre for cyber crime. By doing this, you’ll be helping the NCSC to reduce criminal activity, and in the process prevent others becoming victims of cyber crime.

 

Things you should do to help protect your business from hackers and cyber criminals

Farsight has collated some suggested resources to help you protect your business security against hackers and cyber criminals.

1. Report fraud and cyber crime to Action Fraud

Action Fraud is the National Fraud & Cyber Crime Reporting Centre.  If you are a business, charity or other organisation which is currently suffering a live cyber attack (in progress), please call 0300 123 2040 immediately. This service is available 24 hours a day, 7 days a week.

Report fraud or cyber-crime on this online form: https://www.actionfraud.police.uk/reporting-fraud-and-cyber-crime
Or you can report a phishing attempt here: https://www.actionfraud.police.uk/report-phishing

2. Get advice from Take Five to help stop fraud

#stopchallengeprotect

stop cyber fraud

Take Five is a national awareness campaign led by UK Finance, backed by Her Majesty’s Government and delivered with and through a range of partners in the UK payments industry, financial services firms, law enforcement agencies, telecommunication providers commercial, public and third sector, urges you stop and consider whether the situation is genuine – to stop and think if what you’re being told really makes sense.

Get business advice on dealing with online fraud.
Take the quiz to discover if you are scam savvy

3. Test your response to a cyber attack with this NCSC safety initiative

Get Exercise in a box – an online tool which helps organisations find how resilient they are to cyber attacks and practice their response in a safe environment

4. Consider training your remote working staff

Research relevant training courses, there a many especially look for those being run by your industry bodies or associations. This is one from our industry:

The Security Institute has partnered with Amica, an industry-leader for cyber, governance, risk and compliance training.
Through this partnership all Security Institute Members can enjoy free access to the ‘Cyber Security for Home Users’ course by simply booking on to the course above. Given the current situation, Amica have also taken the decision to make the ‘Cyber Security for Home Users’ course available to all for the discounted rate of £9.99. Non-members can purchase the course at this discounted rate by clicking HERE.

This course is available until 01/01/2021. Members can register immediately and will be sent details after membership verification is complete, which can take up to 4 working days.

6. Be aware of live attacks in progress

See the spread of live cyber attacks happening around the world with this real time SonicWall dashboard. You will be astounded! At the time of writing this article there we 35.6 million intrusion attacks and 7.37 million Malware attacks with 9.36 million targeting the UK.

 

Sonic Wall

 

Further reading…

We hope this article helps you to secure your business security from cyber criminals.  For further information, we have published tips on some of the things you can consider doing to further strengthen the security of your business and remote workers.

cyber security tips

Let’s not forget about the threats from physical crime on business security

Of course, it is not only cyber attacks that business have to consider, we have seen surges in physical security breeches too , with criminals taking full advantage of these trying times we all find ourselves in the middle of.

Farsight recently published the staggering crime statistics released by the Office of National Statistics (ONS) showing that 5.7 million crime incidents were reported to the police with estimates of total crimes topping 10.2 million.

> Read the 2019/2020 Crime Statistics which we reveal here

It is clear that businesses cannot afford to be complacent when it comes to protecting their premises, assets and people.  Farsight is a leading remote security monitoring centre that protects thousands of businesses across the UK from physical security threats. We provide 24/7 365 monitoring services across CCTV, Fire & Intruder alarms, Access Control and Lone Worker Protection.


If you would like to discuss how our remote security monitoring solutions can help to strengthen your business security, please drop us a line: Contact us here


Stay in the know

We regularly publish security guides and tips to help ensure business security can optimised, like these:

> Who is watching your business security, where are the threats and from who?

> 20 simple ways to improve business security

You can receive these handy updates straight to your inbox by subscribing to Farsight here:

Newsletter Signup Form

  • This field is for validation purposes and should be left unchanged.