Protect Your Data, Protect Yourself
Cybercrime is a serious threat to your business. Be vigilant, recognise the prevalent types, and protect yourself from becoming the next victim.
Common Cyber Crime Cases
Business Email Compromise (BEC) is a scheme targeting businesses with multiple suppliers and/or partners that regularly carry out payment of transactions through email. It occurs when fraudsters impersonate your suppliers, business partners, or senior management with aim to change their bank account details and ultimately divert the fund to a fraudulent account.
Common scenarios used on BEC schemes are as follows:
Red Flags of BEC Fraud
|Legitimate Address||Fraudulent Address|
Phishing occurs when a criminal sends email pretending to be from reputable companies or well-known organizations in order to induce recipients to expose their personal information such as account login details, passwords, account and credit card numbers. Phishing emails usually direct recipients to a look-alike website which will enable criminals to capture our sensitive information.
Spoofing is when a criminal impersonates other user or device or network which aims to steal sensitive information, spread malware, and/or bypass access controls. Spoofing can apply to emails, phone calls, and websites. It may even be more technical, such as through spoofing of IP address, Address Resolution Protocol (ARP), or Domain Name System (DNS) server.
Vishing is an attack that uses phone calls pretending to be from reputable companies or well-known organization in order to induce individuals to expose their personal information. Vishing works in similar manner to phishing, but instead of using email, it is carried out by voice technology such as landline or cellular phones.
Malware or malicious software is computer programs designed to disrupt, damage, or gain unauthorized access to the computer system. Malware can take shapes as viruses, worms, Trojans, as well as spyware. Viruses can disrupt the function of our computers, while spyware is able to gather computer’s data even without knowledge of users.
Most common ways of malware can spread to our PC are through spam emails, infected removable storage media, compromised websites (hacked or spoofed), and bundled with other software.
Tips for Cybercrime Protection
Get to know the pattern of your suppliers/business partners, including their typical transactions, reasons, periods, account details, and payment amounts. Be suspicious when you find any significant deviation from those patterns.
Be suspicious when receiving unusual requests asking for a change of beneficiary account details or instructing urgent payment. Conduct validation of such request using different means of communication. For example, make a callback directly to the previously registered number.
When you cannot validate emails through different means, always use “Forward” button to reply your email. Using this function forces you to retype the legitimate email address or select it from previously registered address book.
Protect your computer from viruses, worms, Trojans, and/or spyware by installing anti-malware software. More importantly, keep the software up-to-date at all times to maintain its effectiveness.
Protect your accounts and documents using strong password combination and change them periodically. Set reminder to frequently change your passwords, if necessary.
Avoid visiting websites with suspicious content and be mindful of information you input on the internet. Stay away from downloading documents from untrusted sources to avoid malware infections.
Make sure that you access office emails and company information in safe and secured environment.