keyboard_arrow_left See all news

Recent News

Dasiy Communications / 15 Mar 2020
With the UK's biggest providers offering unlimited data plans, we answer your questions about the new tariffs.
Visit us at Stand 646 at the Northern Business Expo and get 20% off our unlimited tariff...
NX Comms / 14 Mar 2020
Dongles Are Dead!
It’s unlikely that you’ll ever be in an area without a signal. If one network has a ...
Northern Business Expo / 13 Mar 2020
How to write engaging content for social media
Putting all of this together is hard, especially with the sheer volume of content that u...
Northern Business Expo / 12 Mar 2020
Ultimate guide to a successful marketing plan
Follow this initial guide to make sure you get the most you can from your marketing stra...
Atlas Business Group / 12 Mar 2020
Server Colocation could have more benefits than you think.
explore co-locating your server
Northern Business Expo / 11 Mar 2020
Google My Business listings. What, How and Why.
Google My Business (GMB) is one of the best ways to get local rankings and improve your ...
Northern Business Expo / 10 Mar 2020
Social Media 101
As good as social media can be, it isn’t as easy as putting an ad in the local newspap...
Atlas Business Group / 10 Mar 2020
It is no longer a matter of “if” but “when” a real world threat will compromise your business data.  Will you be ready
What happens when disaster strikes your business!
Northern Business Expo / 09 Mar 2020
Content marketing strategy – what, how and why
The best way to describe it is that it is your overall vision that guides the content de...
Nxcomms / 08 Mar 2020
Are you ready for full fibre broadband?
Are you ready for full fibre broadband?
Atlas Business Group / 08 Mar 2020
Say goodbye to large telephone bills and go all inclusive
Tomorrows telecom
Nxcomms / 07 Mar 2020
What’s a Private APN and why should I care?
That’s where a Private APN comes in. This type of connection gives you your very own p...
Huthwaite International / 06 Mar 2020
Decisions, decisions – map out your decision-making unit to sell more effectively
You may assume the most senior person is the ultimate decision maker but that may not be...
Dasiy Communications / 05 Mar 2020
Upgrade to VoIP and discover the benefits
You might have heard the words Voice over Internet Protocol (VoIP) being spoken about ov...
Nxcomms / 04 Mar 2020
Could Your Internet Connection Be Endangering Your Business?
If you sit there and do nothing about your internet, you’re courting disaster. Don’t...
Northern Business Expo / 03 Mar 2020
Top tips for entrepreneurs
You’re an entrepreneur with a business idea, ready to get cracking. It’s an exciting...
Daisy Communications / 03 Mar 2020
How a VoIP phone system could save you time, money and resources
By getting rid of their premise-based phone systems, companies are discovering new, stre...
Huthwaite International / 02 Mar 2020
 Fact or Fiction: The top 10 myths in sales strategy
Learn which actions lead to sales success and how to avoid those that don’t. Understan...
YorCyberSec / 01 Mar 2020
Shopping and email safety online
Doing these things will not guarantee that payment information cannot be taken but it hi...
Dasiy Communications / 29 Feb 2020
Why your legacy phone system is costing you more than you think
Why your legacy phone system is costing you more than you think
Northern Business Expo / 28 Feb 2020
12 ways to push your small business to new heights
Take a step back from your everyday tasks and consider how many of these points apply to...
Dasiy Communications / 27 Feb 2020
Answers To Your Questions About the PSTN 2025 Switch Off
Answers To Your Questions About the PSTN 2025 Switch Off
Fiscale Ltd - R&D Tax Credits / 26 Feb 2020
How to maximise your R&D Tax Credits claim
How to get maximum value from your R&D! In our humble opinion there are still far too ma...
Daisy Communications / 25 Feb 2020
Unpacking the new Samsung Galaxy S20 Range
Explore and save on the new Samsung S20 Range
Northern Business Expo / 24 Feb 2020
11 steps to get the most out of visiting an expo or trade show
Events and trade shows are great for many reasons, no more so than in this digital age. ...
Huthwaite International / 23 Feb 2020
SPIN® SELLING – stop talking and start listening
Sellers must take care not to get caught up in the excitement of talking about the bells...
Northern Business Expo / 22 Feb 2020
The 7 building blocks for a prosperous consultancy career
Whether you’re unsure how to begin your consulting career, or you’ve already started...
Northern Business Expo / 22 Feb 2020
5 books every small business owner and entrepreneur needs
Here is a list of our top 5 books that every small business owner and entrepreneur shoul...
Northern Business Expo / 21 Feb 2020
How to keep your mind healthy whilst running a small business
One in six people who work in the UK have anxiety, depression or similar every year, and...
YorCyberSec / 20 Feb 2020
IT Support is NOT Information Security
With the many pressures facing smaller businesses, trying to reduce expenditure is alway...
YorCyberSec / 16 Feb, 2020
keyboard_arrow_left See all news

Is it safer to be untrusting?

With the rise in scams against the public and organisations is it now safer to be untrusting when receiving emails, calls, texts and even faxes? (Yes, they are still in use!)
 
To my personal email account, it is shocking the amount of scam/phishing emails received, I would estimate it is around 50 – 60 a day. Most of these are of course substandard and obviously phishing emails and I would like to think would never be successful. They range from ‘Girls In my Area Want to Meet Me’ to ‘My Bank of America account online login needs resetting’ having never had a BoA account I didn’t fall for this. Now, these are very obviously fake, however, occasionally I do get one that looks legitimate. Having assisted numerous companies with breaches and account compromise situations I do tend to err on the side of caution anyway, and always do some inspecting before I am happy.

Fraudsters are now starting to think a little smarter, realising it is more likely Joe public uses Amazon or Apple and I am now being sent ‘Order Updates’, these I suspect are more successful and return better results for them. Still when you look at the sender address, clickable links and wording of the text they are easily detectable, but they are getting better. 

It is my opinion, that it is now safer to be untrusting and query most incoming communication in the first instance. Especially if it is out of the blue and wrapped in urgency. In the news recently there have been a few high-profile stories of organisations and people being tricked into paying fake invoices, urgent bank transfers or handing over bank details for refunds or authentication (I have linked a few at the bottom). 

With the amount of information online individuals and organisations are putting online, it is not hard for fraudsters to put together a convincing campaign. Richard De Vere of The Antisocial Engineer explains in comment provided for this post: 
‘Social engineering attacks can really stand in a unique category of scams. Amongst spam emails that are easy to identify as fraudulent you will find especially well crafted and researched attempts that will make even the most battle hardened CISO shudder in fear. 

The importance should always be on detection, technical prevention and education. I this trio we find a greater defence. 

De Vere also mentions some of the best defences to phishing are also free - solutions such as DKIM, SPF and DMARC.’ Reduce Risk, Improve Assurance, Increase Performance yorcybersec.co.uk 0113 3720200 

With this being the case, it is fairly obvious that everyone should be more cautious when emails are being received asking for immediate transfers for an overdue invoice, notifying a change of bank details or a package for delivery has been delayed. This is usually seen as a culture change requirement, with education seen as the best line of defence in this instance. 

Organisations need to ensure staff are being trained properly. It is estimated that 80% of staff are receiving no training in Cyber Security. This is lead to more than £34m lost from April to September in 2018 alone. The average data breach in the UK costs £2.99m according to the annual Cost of a data breach report conducted by the Ponemon Institute and sponsored by IBM Security. 

In the ideal world, every organisation would have a formal way to train staff, annually review policies and procedures, annually review incident response plans. All this would be alongside conducting regular security assessments, that could be penetration testing or professional phishing awareness campaigns that provide valuable and useable outputs. 

If you don’t have the scope, buy-in or budgets for this completely understandable. But the first stage should be to understand the risks, your capabilities and act accordingly. 


Sources:
https://www.scmagazineuk.com/ai-mimics-ceo-voice-scam-uk-energy-firm-200k/article/1595277 
https://www.irishnews.com/news/northernirelandnews/2019/09/26/news/fraudsters-claiming-to-offer-thomas-cook-refunds-1722527/ 
https://www.bbc.co.uk/news/uk-scotland-glasgow-west-47135686

 
Processing. Please wait.
Loading...