There are many new terms and descriptions for fraud within a business, regardless of size or business maturity, especially when it comes to new and emerging online threats such as;
- Social Engineering – the use of deception and manipulation to obtain confidential information.
Fraudsters use social engineering tactics because it is usually easier to take advantage of our natural instincts to trust than it is to find ways of breaking into a company’s systems.
- Online Fraud – such as malware.
Your systems can be infected by malware (malicious software) through viruses and Trojans which can then interrupt for example your online banking sessions and prompt you with a fake, but seemingly genuine, screen prompting you to enter passwords and codes which can then be captured. Malware code is often hidden in attachments, links and free downloads.
- Phishing emails – a seemingly genuine email designed to trick staff into following it’s instructions.
Phishing is an email scam designed by fraudsters who masquerade as for example your bank or another trusted organisation to obtain confidential or personal information.
- Ransomware – a growing threat to businesses of all sizes and across all sectors.
Malware operates by blocking access to key files typically by encryption, which requires a private key to decrypt files and restore access. The attack is then followed up with a ransom demand to restore your system access.
- Vishing and Smishing – vishing is a telephone scam, vishing is very similar only it’s delivered via your mobile phone.
‘Vishing’ is over the phone phishing where scammers will try to persuade people to share information by posing as bank staff or other financial service employees. ‘Smishing’ is SMS phishing where text messages are sent trying to encourage people to pay money out or click on suspicious links.
- CEO Fraud – where a fraudster assumes the identity of a senior member of you business.
This is where fraudsters send an urgent email payment instruction to a staff member within the business which looks genuine from the CEO or another senior person.
- Invoice Fraud – where fraudsters impersonate a regular supplier or contractor.
Fraudsters contact your business posing as one of your suppliers / contractors or clients and request that future payments are sent to a different bank account.
- Employee Fraud – Fraud committed by an employee.
Internal or employee fraud is when fraud is committed against your company by a staff member. There are numerous frauds that an employee can commit against their employer.
- Card and Cheque Fraud – Bank card and cheque fraud happens when criminals steal your cards or chequebook and gain access to funds in your account. Criminals steal your bank cards or cheque book; or they obtain your card or account details, allowing them to take money from your account or run up credit in your name.
At the Risk Dashboard our evidence based, data led compliance and advisory software covers all these common risks though our modular platform. We go into each threat in greater detail, and provide you with solutions and access to experts to protect your business.
We help you to implement a clear structure and culture with your business to make your organisation more resilient to Digital and Online Fraud.
If you would like to know more about how Risk Dashboard can help you get your business, please contact Neil Campbell, Commercial Director at Risk Dashboard on info@riskdashboard.co.uk.
We look forward to hearing from you.