News

Cybercrime – an introduction

Jamie McKenna

With increasing technology and the number of devices we use online, the threat of Cybercrime has continued to surge in recent times and the consequences from both a financial and reputational perspective have grown considerably.

With particular focus on financial services, this is an ongoing concern for businesses of all sizes, yet many are still unfamiliar with the nature of risks involved.

What is cybercrime?

Cybercrime is any criminal activity in which a computer and a network is used to commit an offence. The development of email and the World Wide Web brought the risk of cybercrime to businesses worldwide, and the explosion of social media has led to millions of people posting personal details online, which could be exploited by criminals.

Types of Cybercrime

Scams

A very common example, scams are designed usually via email or websites to trick people into sending money (whether it be for a prize draw, a fee in order to receive millions from an estate, advertisements for dubious medicinal treatments or worse!).

Phishing

Often done via email, phishing is a technique designed used to trick users into clicking on links or attachments in order to try and identify username and password details. From there the user is vulnerable to data and/or financial information theft.

Malware

“Malicious software” (such as WannaCry, which hit the headlines last year) can be installed on users machines without their knowledge in order to identify user log on details. ‘Keyloggers’ for example can be installed on devices in order to track keypresses and report the details back for the criminal to exploit.

Ransomware

Often as a consequence of phishing, ransomware is used by criminals to encrypt a user or a company’s data, rendering it inaccessible. A ransom is then requested from the user in order for them to regain access.

Identity theft

Criminals often try to defraud by stealing user identities in order to steal money. This is done by using personal information to try and trick third parties, banks and lenders into parting with funds.

To try to reduce exposure to the above, it is recommended that businesses consider the following:

  • Antivirus software – it is essential that businesses invest in antivirus software as regularly updated internet security can help block malware. Spam email filters are also good for blocking phishing attempts;
  • Keep software up to date – with most mainstream software, publishers often release patches and updates free of charge in order to protect their products from malware. Without installing these updates, systems become at risk;
  • Backup systems – in cases of Ransomware it is imperative for companies that back up data is readily available and that a disaster recovery plan is in place;
  • Control social media settings – to try and minimise the risk of identity theft users should restrict information about themselves on social media. Personal details such as bank co-ordinates should never be disclosed for example;
  • Email encryption – email should be encrypted to protect sensitive information from being accessed easily;
  • Training – above all, training is important to keep staff aware of the risks of cybercrime. People should know not to download anything from unknown sources, not to click on links in emails from individuals they do not know and to not share personal data or passwords.

The techniques used for cybercrime are becoming more sophisticated and will always be a threat to business. If you would like to discuss any of the above in more detail please contact James McKenna at jmckenna@burleigh.co.im.

Peregrine Corporate Services Limited is licensed by the Isle of Man Financial Services Authority.