New research, conducted by unbiased.co.uk, shows that one in six businesses in the financial sector have been targets of scam activity in the last 12 months, with almost three quarters (73%) stating that they receive up to five scam attempts per month.
Scams from HMRC seem to be the worst offenders, with over half of businesses (57%) having found themselves targeted.
Yet despite the significant security threats scam attempts pose, only 50% of UK financial advice companies are exploring security options such as SSO (single sign on) and 46% admit that they have no scam reporting process or policy in place. Over one third (38%) agree that scams put their company at risk.
Andrew McLean, CTO of Unbiased says:
“Scammers are getting increasingly sophisticated yet there are some security quick wins which can cut out 98% of scam attempts.
It’s essential businesses identify their weak points and take technical steps to increase their security, but just as important to make people aware of the threats and how they can help.
The harder you make it for scammers and criminals the less of a target you will be.”
With companies also now adapting to remote and hybrid models of working, there’s an increased vulnerability. People using home routers and devices may not update default passwords or do security updates as diligently as when they were in the office.
Karen Barrett, Founder and CEO, comments:
“It’s important to us that we’re providing up-to-the-minute advice and guidance on how to spot scams and protect your business security. Not only are our advisers at risk, but also the clients they manage.”
As part of their nationwide research, unbiased.co.uk revealed that the industries most affected by scams included IT/Comms, whereby 44% admitted to having been scammed more than once, HR reporting 43% and shipping 37%.
A third of those working in computer hardware admitted to having been scammed on multiple occasions, compared to 29% of those working in banking and 22% in accounting. Of the industries surveyed, the professions scammed the least were government/public sector (16% scammed more than once) and food/beverage (12%).
Have some basic cybersecurity training for staff which includes the most common scam of phishing and how to spot it, particularly for new joiners
For any online accounts make sure you have strong passwords and even more importantly two factor authentication (2FA) to protect your email and online accounts
Protect your equipment from malware by having anti-virus software and make sure security updates are applied
Back up your data to a separate secure location on a regular basis
Make sure your computer hard drives are encrypted encase equipment is lost or stolen, most modern personal computers and operating systems support this
A great resource for UK businesses is the National Cyber Security Centre (NCSC), who have a simple cyber security guide for small businesses.