Human error is the biggest contributing factor to cyber crime
4 min read
01 May 2018
Online fraud prevention expert and Barclays’ Digital Eagle, Joe Cooksey, explained to Real Business why the biggest threat to SME owners facing cyber crime is actually themselves.
Britain is in the midst of a cyber crime epidemic, with new research this month revealing that online fraud against SMEs costs an average of £35,000 per business and has resulted in the loss of more than 50,000 jobs.
To make things worse, in two thirds cases of online fraud against an SME it’s the business itself that ends up having to cover the cost, representing lost investment in jobs, training and equipment for cash-strapped owners.
With cyber criminals using a growing number of increasingly sophisticated techniques to swindle SMEs owners online, Real Business asked Barclays’ Digital Eagle Joe Cooksey for ways businesses can defend themselves.
“The main thing is to make sure everyone in your organisation is aware of the risks,” said Cooksey. “Human error is the biggest contributing factor to cyber crime, so as a business owner it’s important to take it seriously and make sure employees get clued up.
“Educate your employees about things like the ability fraudsters now have to spoof internal emails, or the fact that faking payment requests – from people both inside and outside of the business – is now a very popular form of attack by fraudsters.”
Cooksey made clear that smaller businesses were at just as much risk from cyber criminals as large firms, if not more so. He said that SMEs under-investing in online security software often made them prime targets for fraudsters.
He added: “Fraudsters are very good at knowing the size of the business they’re attacking and adjusting payments they’re asking for accordingly. If they’ve done their homework, they won’t be asking employees for an amount they know that business isn’t used to paying.
“For example, if a business has a regular payee each month, the fraudster will look to keep that payment going under the guise of the known payee but will subtly get an employee to change the payment details. Posing as a known customer or supplier is a very easy way of approaching a business that’s horrible for the business.
In terms of the sectors most at risk from fraudsters, Cooksey said the while criminals didn’t tend to discriminate against certain industries, companies that dealt in large amounts of money, and that make lots of payments, tend to get more fraud attempts than those which don’t.
“Just because you may think you’re not in a high-risk sector for fraudsters, that doesn’t mean you shouldn’t take cyber fraud seriously. I’ve seen all types of businesses affected, from small one-man bands that have had their entire IT systems shut down, to larger companies where its impacted on the ability to trade across borders.
“Defending against cyber crime isn’t about focussing on any one area of the economy, it’s about understanding where your business’s risks are. Unfortunately, it’s those businesses that make a lot of payments, regularly, that are most at risk.”