Email scams are becoming more prevalent and despite security measures being in place, emails can be hacked and the contents altered.
Prevention is of course better than cure; so just how does a business go about ensuring that it does not fall prey to email hacking? Below are some tips:
- If you ever receive an email or text purporting to be from a company or individual which alters the bank details that you hold for them in any way, you should always call them immediately to confirm this. A lot companies will not provide their updated bank details in this manner and without prior warning, it is therefore a potential red flag.
- Spam is the most likely cause of malware being installed onto a computer system. To prevent this, install a good security software system that protects against malware and viruses. You should also install a firewall, which monitors network traffic and connection attempts into and out of a network or computer and determines whether or not to allow it to pass. The more sophisticated the security system is, the better the protection will be. Always keep the system updated.
- Never click on unfamiliar links or download unfamiliar attachments.
- When taking on a new supplier and setting up payment on EFT (electronic funds transfer, such as CHAPS), always carry out a test by transferring a small and unique amount (say £1.01), and then ask the supplier to confirm safe receipt by telephone (not email). The same applies to an existing supplier that changes its bank details. The same will also apply in reverse when the business is receiving monies from a debtor. It is a good skill to have if you are able learn how to read message headers and trace IP addresses, which will then allow you to cross-check a particular IP address with a previous IP address in order to authenticate.
- Reconcile your bank account every day.
- Have a written company policy on internet security and distribute it to all employees.
Protecting against cyber crime
Contract terms: A business should consider including terms in its contract of supply that sets out minimum standards of security software on the servers its suppliers use. This should include protection against malware and viruses and a firewall. Software should also be constantly updated, whilst any changes to the company bank account details should be confirmed in writing by post or hand delivered and signed.
Cyber liability insurance: Cyber liability insurance is available which will cover certain data breaches (including by hacking) and business interruption. However, it will not cover losses where a business has voluntarily made a payment into a third-party bank account.
Be vigilant: Ultimately, it’s important to remember that if a mistake is made through a businesses’ own negligence, the business will have to stand on its own and with no right of redress from the bank. Therefore, do your homework and make sure your business is kept safe.