In a dream world, hackers would carry forward your SME’s invoices and pay them, but in the real world, they extract personal information, stealing the identity of a business and its money. From the 1st April 2019, all businesses will be required to keep their records digitally, which means there could be a higher risk of being defrauded if the SME’s financial team is not fully trained. As we have no choice but to be part of a cyber era where we share all personal information, it is essential to be aware how data protection works. Let’s analyse now different types of financial frauds and what your SME can do to protect its accounts.
How does Invoice Fraud work?
Fraudsters are often aware of business’ relationships with other organisations, companies and suppliers and they know when regular payments are due. In general, a fraudster will send a change of bank details request by post, email, or even by phone. They can also intercept emails containing invoices, change the bank details and send an invoice including new bank details. Payments are repeatedly made to them and the fraud is often only discovered when the legitimate supplier of the product or service doesn’t receive the payment. At that point, recovery of the funds from the fraudulent account is very difficult.
What are Identity Theft and Phishing Scams?
Invoice Fraud is just one type of financial fraud. One of the most talked about types of financial fraud today is identity theft. With specific software, frauders are able to steal personal data and consequently the identity of your SME. Once someone else gets hold of your personal information, they are actually able to commit numerous types of crime, including stealing your money and possessions.
Similar to the identity theft are phishing scams. Like with identity theft, phishing scams are attempts by scammers to trick personal information such as bank account numbers, passwords and credit card numbers. To get your attention some phishing scams would use specific brand name like “Visa,” (V – Get Report) “PayPal,” or “Apple” (AAPL – Get Report), even though those companies aren’t trying to reach you. Phishing scams also trick web users into downloading an infected file, clicking a toxic hyperlink or giving up private information which can lead to identity theft.
How can your SME keep their financial data safe from cyber criminals?
To keep your SME safe, bare in mind that it is important to train your team to all the possible scenarios and risks. Hackers and criminals have many ways to build a relationship with your SME and rob the identity, data and money of your company. As we already wrote in our latest blogpost, to protect your SME from cyber fraud:
- Make sure you have unique passwords (that aren’t shared).
- Maintain a clean desk environment to protect personal and confidential information.
- Don’t trust emails and verify them, use the phone and talk to the right people.
- Make sure your systems and software are patched and up to date.
- Use good Antivirus software.
- Ensure that all staff who process supplier invoices and those who have the authority to change bank details are vigilant.
To prevent financial fraud, there is different software that can definitely help you, but without vigilance and a sharp eye for detail, it is almost impossible to be 100% sure that nothing can happen. For that reason, remember to thoroughly train your team.
If you need any help with Cyber Awareness or with your Invoice System,