Businesses in Guernsey, Jersey and the Isle of Man need to beware of the increased risk of cyber fraud, as cyber criminals look to adapt old techniques to exploit the current business environment created by the Covid-19 pandemic, according to Warwick Long, Head of Commercial Banking at HSBC Channel Islands and Isle of Man.
Data collated by the HSBC Group over recent weeks shows that cyber criminals are evolving pre-existing types of fraud to target weaknesses in business processes as a result of the coronavirus.
In particular, the data shows that instances of attempted ‘phishing’ and ‘smishing’, where fraudsters look to obtain sensitive information from businesses through unsolicited or fake emails, phone calls or text messages, have increased over the past few weeks.
In addition, fraudsters have sought to exploit mass communications around Covid-19 by attempting to divert payments through purchase scams for medical equipment and fake mobile apps purporting to be related to Covid-19.
Urging local businesses to be alive to the possibility that some criminals are using the Covid-19 outbreak as an opportunity to commit fraud, Warwick Long commented:
“These are extraordinary circumstances and it’s understandable that businesses are focused on a rapidly changing environment, but it’s really important that they don’t get complacent about cyber security. Our analysis shows that criminals are still actively looking to make the most of weaknesses in business’ processes by adapting existing tactics to the coronavirus context to fraudulently obtain sensitive information.”
To support island businesses, HSBC has created a new webpage which contains up to date information on fraud for businesses, and has collated some top tips to help island businesses with their online security and protect themselves and their customers. These include:
- Empower your ‘human firewall’, often well-trained employees are your first line of defence
- Increase internal testing by circulating samples of potential phishing mails to keep employees more vigilant
- Ensure multi-factor authentication is running on all remote working systems
- Test your chain of command and ensure alternative business continuity protocols to make it difficult for phishers to target power centres and vulnerabilities
- Increase awareness within the organisation on escalation procedures, should there be an inadvertent incident
Warwick added: “HSBC takes combatting fraud and other financial crime very seriously, and we hope that highlighting the different ways cyber criminals may try to steal not just money but also a company’s identity will be helpful as part of our support for local businesses through this challenging time.”
