On the hook of phishing cyber crooks
SMALL businesses need to be wary as they increasingly move online due to the “massive” spike in the number targeted by cyber criminals, UK standards body BSI says.
The pandemic and lockdowns forced small-to-medium sized enterprises (SMES) to shift more operations online. However in their rush, many have neglected their IT security, according to Stephen Bowes, BSI director for data management and security technologies.
Email is the most common attack point for criminals, who use it to either “phish” for valuable data, such as login credentials, passwords or credit card details, or install malicious software or malware. With the data harvested, they can set up fraudulent payment orders.
Bowes added that mobile phones are helpful for cyber criminals, as victims often do not see the links they click on or documents they access are bogus due to the size of the screen.
“We’ve seen a drop in the number of random attacks and that’s because they are far more targeted now,” he said. “Their success rate has gone up, because previously it was a case of spray and pray, criminals sent out mass emails. Those days have gone.”
Piranha IT managing director Doug Fry said: “This is the year of the hack,” and pointed out many people working from home fail to change the passwords on networks or routers, making it easier for criminals.
He added: “The higher up you go, the more complacent people tend to be. At work you have IT teams to protect your network, at home all you have is a box from your provider.”