Our director, Colin Tankard, recently identified a personal data breach in action when buying a new car.
In the process of buying the car, Colin received poor service from a main dealer and when he complained about this, he didn’t receive a response.
He did receive an email from the car manufacturer’s marketing team inviting him to complete an online survey about his experience and, like many surveys, offered the chance to be entered into a competition. Read more
Ransomware, viruses, and malware. No business wants to find themselves victim of a cyber-attack. Often these malicious pieces of software enter the network via a backdoor attack, allowing cybercriminals to break into the infrastructure without being discovered.
Once inside the network, they can lay quiet for weeks or months before activating, making them even harder to detect. All the while it is moving around your network, seeking to find super-user credentials, elevate its privileges, and access vital data.
So how can you stop something you don’t even know about? Read more
Cybercriminals are intercepting emails between companies and their clients, deceiving customers out of life-changing sums of money and severely damaging the reputation of the organisation.
Targeted companies range from solicitors and conveyancers, to builders and traders.
In January this year, a charity worker buying his first home had his £67,000 life savings stolen after fraudsters hacked into emails sent between him and his conveyancing solicitor. Last year a London couple transferred over £25,000 to a fraudster posing as their builder after receiving a genuine-looking invoice, for an amount they were expecting, from a copycat email address. Read more
Is there an asset more valuable than your company’s data?
The need to keep off-site back-ups, seamlessly collaborate with others, and access data from any location has led to vast amounts of critical data being stored in third-party cloud-based services.
Your confidential data is such as Word documents, PDFs, spreadsheets, emails, contact lists and databases.
With hundreds of thousands of businesses placing these documents in cloud-based services like Dropbox or Microsoft One Drive, is it worth asking how secure they are? Read more
When an employee doesn’t care about cyber security
It doesn’t matter how thorough a business’ protective measures are, employees remain one of the biggest risks to an organisation’s digital security.
In some cases, it is not that employees don’t care about digital security, but that they don’t fully understand it.
An experiment in London’s financial district proved just how much of a risk employees can be to their organisations. CDs were handed out to commuters by employees of an IT skills company and told the disk contained a special Valentines’ Day promotion. In reality, the CDs contained code which notified the IT company how many of the recipients tried to open the CD. Despite clear warnings on the packaging about the dangers of installing third-party software and acting in breach of company acceptable-use policies, several city workers proceeded to run the disk. A major retail bank and two global insurers were among the organisations whose employees fell for the stunt. Read more
For many, a daily routine exists from the moment they sit at a desktop or take their first swipe of a tablet. It involves identifying important emails in your inbox and disregarding the spam. In most instances, this is a tedious yet simple task. We click on emails from contacts we know, or from organsiation we trust, and delete those we have no interest in. We look for the familiar and discard the unknown. It is a routine that drains time but a system that in the past has kept us reasonably safe from hackers. Repetitive yet necessary. Read more
A poorly written, plain text email requesting sensitive information arrives in your inbox from a sender you have not interacted with before. Without much thought you delete the email, writing it off as bogus.
Further down you come across an email with the subject: Update Your Account Information. In the sender column is your bank’s name. The HTML email is well formatted, using the colours, layout, font, and logo of your bank. The email states that as a security measure, you will no longer be able to access online banking unless you update your account information. Beneath this message is a hyperlinked sentence which reads, ‘Sign in to update your account information’. The email is signed from your bank’s customer service team. Read more
What do JP Morgan, Sony, eBay, Yahoo, Three, and Talk Talk have in common?
In the past two years, these companies have all been victims of cybercrimes and have experienced widespread media attention as a result.
An increase in cybercrimes, followed by an increase in media reporting of breached businesses, and moves towards tougher regulatory penalties, has created an emerging market for cyber insurance. Read more