18 Nov 2016 12:00 AM

According to the ACFE’s (Association of Certified Fraud Examiners) 2016 Global Fraud Study the typical organisation loses 5% of revenue to Fraud.  For small to medium sized businesses that can be pretty significant.  They also found that those organisations that lacked anti-fraud controls suffered greater losses; in fact twice as much as those that had effective controls in place!

The ever increasing cyber threat means that in todays world it is not a matter of ‘if’ but ‘when’ will you or your company become a victim to a cyber attack.  Both individuals and companies are at threat and the reality is that having good firewalls and up to date virus protection is simply not enough.  You and your employees and colleagues need to be cyber aware and be able to spot the threats.  Through awareness an organisation can greatly improve its protection against fraud and cybercrime.

Hence the ACFE’s International Fraud Week initiative.  The main aim of the week is to raise awareness and educate the public.  In the spirit of International Fraud Week we have been posting simple daily tips on our Fraud and Forensic department’s twitter feed @TheFraudbusters.  These are simple tips that should and can be easily implemented in your daily personal life as well as at work.  A lot of them, you’ll already be aware of, but, like most people probably are not very good at implementing within our daily busy lives.  Hopefully these reminders will serve to highlight their importance and encourage everyone to undertake at least one of them. To quote the famous slogan of a well known supermarket chain ‘Every little helps’!

 

Tip #1:

Always install software updates on your computer as soon as they are available!  These updates just about always contain fixes and upgrades for crucial security vulnerabilities to tackle the latest viruses and malware.

And an extra related tip. Ensure you have downloaded a mobile phone security app. There are loads of options out there!

 

Tip #2:

The ever increasing use of mobile phones for mobile banking, checking our emails and communicating via social media leaves us exposed to malware threats and personal data theft.

It’s all too easy to leave your accounts open when not using them for ease of access when you next log in, or to leave your Wi-Fi and Bluetooth switched on.

Turn off Wi-Fi, location services and Bluetooth when you’re not using them.  Cybercriminals can access your information if the connection is not secure, and if you haven’t logged out of yor accounts you’re giving them an open door into your data!

 

Tip #3:

Fraudsters can find out all sorts of information on their targets these days through social media and simple internet searches.  This information can be used to pretend to be from your bank for example and is used to trick you into breaking normal security protocols.

One common trick is to phone, telling you to hang up and phone the ‘bank’ back to verify it’s legitimate.  The Fraudster never hangs up meaning they have left the phone line open.  When you phone the bank back they can play dial tones down the line to you and then pretend to be the bank you are phoning back!

If you receive an unsolicited phone call from your ‘bank’ or any other institution and they ask for personal security details; hang up the phone.

If you want to call the bank back, do so on a different phone line using a phone number you know to be correct (not the one given to you by the suspected fraudster).

 

Tip #4

We’ve all heard this advice before!  And we all know the risks of using simple passwords and using the same password for multiple accounts.  So why do so few people do it!

The biggest barrier is remembering multiple passwords!  If this sounds like you, why not try the following:

 

A)Come up with a long sentence about something that means something to you and that you know you will remember.

EG: International Fraud Week runs from 13 to 19 November 2016  .  (Have we mentioned this yet?)

 

B) Shorten this into an acronym (ensure there are some capital letters and numbers involved as some website are fussy about these being present in a password):

IFWrf13t19N2016

 

C) Add a suffix or prefix for each account you have that is 3-4 letters long, being the first 3-4 letters of that account.

EG: Facebook = IFWrf13t19N2016face

        Hotmail= IFWrf13t19N2016hotm

 

You now have a password that’s very hard because the letters are completely random and it is unique for every account you own.  And most importantly it’s something you’re unlikely to forget!

 

Tip #5

 Do not click on links or attachments in unsolicited emails or text messages, no matter how genuine they may look!

Fraudsters are very good at mimicking genuine banks and companies to fool you into clicking on their links and attachments.  If you do this you’ll be unleashing whatever virus/ spyware/malware might be hidden in that link.