Trends in cybercrime and how to protect your business in 2018Small Business Advice 15 December 2017
Cybercrime is a serious threat to everyone. According to the most recent Crime Survey of England and Wales (CSEW), over half of crime incidents last year were cyber related. And it’s taking a toll on consumer and business attitudes.
A 2017 survey by the European Commission revealed that 86% of Brits agreed that the risk of becoming a victim to cybercrime is increasing. And no wonder – according to the Federation of Small Businesses (FSB), 66% of small businesses have been targeted by cyber criminals.
The cost? £3,000 on average.
But it’s not just the financial implications that can have a negative impact – cybercrime can damage a business’s reputation or completely shut down operations, depending on the scale and severity. We’ve outlined some of the latest cybercrime trends and offer tips on prevention, so you can protect your business from the online criminal underworld.
Tactics and types of cybercrime
Criminals use a range of sophisticated tactics to take advantage of businesses. The CSEW reports that the main types of cybercrime include:
- Bank and credit account fraud
- Computer misuse
- Computer viruses
- Consumer and retail fraud
- Unauthorised access to personal information (such as hacking)
According to the FSB, the most common tactics that cybercriminals employ to carry out their crimes are:
- Phishing: Criminals send emails or texts, or make phone calls, pretending to be someone else and trying to gain victims’ personal information (such as bank details).
- Spear phishing: Similar to phishing, but more targeted – criminals might pretend to be an important person in a company and email specific employees, appealing for information.
- Malware attacks: ‘Malicious software’ like viruses and spyware infect a computer, allowing criminals to do things like disrupt operations, steal information, and create connection problems.
- Card not present fraud: Credit or debit card scams where the card isn’t actually present, such as online or phone transactions. Criminals might steal someone’s card information and use it to make fraudulent transactions or claims.
The biggest threats: Trends in cybercrime
We’ve looked at the ways that criminals can exploit vulnerabilities and infiltrate your security to gain information – but how can they use it against you?
Like any criminal activity, people are constantly inventing new ways to carry out cybercrime, but some of the most common threats in recent times include:
- Ransomware: Criminals use malware to lock your device and encrypt your files, and then demand you pay a ransom fee to regain access, essentially holding your information ‘hostage’. And, of course, there’s no guarantee they’ll follow through on their promise if you do pay up.
- Hacking: Using malware or information gained through phishing, criminals can infiltrate your networks and gain access to information stored in your systems, allowing them to compromise data and use it to their advantage – potentially by selling it on to people who will use it for further crime.
- Distributed Denial of Service (DDoS): Criminals prevent genuine customers from accessing your online service by overwhelming it with traffic from botnets, which they control after gaining access to computers through phishing activity and malware. This can cause sites to shut down, and the attackers will demand payment to stop the activity.
- Ex–employees: Disgruntled employees can pose a serious threat to your business, as they can use their knowledge about your systems to steal information or enable themselves to gain access remotely, without you knowing it.
How to protect your business from cybercrime
While you can’t guarantee cybercrime prevention, you can protect your business to the best of your ability and minimise the impact in the unfortunate event that a crime does happen. It’s about staying ahead of the curve and constantly reviewing security measures, including things like:
Make sure that the basics are covered and you have standard data safeguards in place, including firewalls, encryption, and password protection.
Update your systems
Regularly updating and maintaining systems can help to eliminate vulnerabilities that can arise from out-of-date software, helping to protect you against malware attacks.
Have a sophisticated back-up for your data
A secure cloud system can help to protect you in case of a data breach or cybercrime such as ransomware attacks.
Change passwords regularly
Monitor passwords and permissions to ensure employees only have access to things they absolutely need, and make sure to update security measures when members of staff leave or change departments.
Have a detailed incident response plan in place
Outline who to contact (such as IT support, the police, board members, etc.) and what action to take (such as suspend operations, back up data, notify customers, etc.) in the event of different cybercrime activities.
Train your staff
While we might assume everyone knows the basics of online security, it can be quite difficult to recognise things like spear phishing emails. Regular training can help to make sure everyone is up to date with current security practices and expectations.
Trust the experts
There are plenty of things small businesses can do to protect themselves, but can you stay on top of all security requirements all the time? Outsourcing IT and credit card processing means you can trust professionals who are dedicated to specific security measures, allowing you to focus on other operations. What is more, the majority of the merchant service providers in the UK offer card payment security services that comply with PCI DSS.
How Paymentsense fights cybercrime
If you use our card machines or any other of our merchant services, you’ll know we’re dedicated to keeping you and your customers safe from cybercrime. We implement the most up-to-date fraud detection practices and security checks, protecting you and your customers as well as safeguarding against downtime. All our payment systems include:
- PCI DSS compliance.
- Equipped with Visa/Mastercard SecureCode (find out more about 3D Secure).
- CSC, CV2, and AVS real-time security checks.
- Direct API or hosted integration options.
We constantly update our security systems to ensure they meet industry standards, and we’ll work with you, providing peace of mind that your business is protected. Speak to one of our experts to find out how we can help you take card payments online via a payment gateway, or get a free online quote today.