10 Ways your business can manage the risk of cyber-crime

BY SANDY LEIGH SCHOLTZ - MAY 17, 2017
10 Ways your business can manage the risk of cyber-crime

I recently attended a very interesting presentation on computer crime and some of the general threats that businesses should be aware of. Although computer crime has far reaching consequences and can result in a devastating state of affairs for any business, it remains an aspect of business security that does not always receive the attention it should.

With the reliance on technology in the business world as it is today, cyber security is something that all businesses should invest in and there are many ways to limit your business’s exposure by making relatively small adjustments to your daily technology habits.

Here are 10 ways to help manage the risk of cyber-crime in your business:

1. Don’t open emails with attachments from unknown sources, no matter how legitimate it may appear. Approximately 90% of computer crime is a result of “phishing” which involves fraudulent e-mails sent from dishonest senders or hacked accounts. Whilst the attachments are usually aimed at requesting you to enter personal information (such as usernames or passwords) on a redirected link, by simply opening the email there is an approximate 69% chance that malware (a virus) can download onto your device.

2. Don’t open emails from a known source where their e-mail address has been altered or the layout of the e-mail is not in line with their normal appearance. A common cyber threat is “spoofing” where you get a fraudulent e-mail from someone you know but their e-mail address is slightly altered (such as an extra digit or letter) and, in some cases, this alteration may not even be visible (such as where an e-mail address is created in a foreign language and has simply been translated and now appears the same as a known source).

3. Be cautious of saving passwords online as this would mean that your password is “floating” in cyberspace and capable of being hacked and, where possible, always try use a 2-step verification process that involves 2 different devices i.e. a pc and your mobile phone.

4. Don’t use your e-mail account as storage for old messages as malware that has been unknowingly downloaded onto your device can access this and use all such stored information. Rather save e-mails offline.

5. Only use your personal and trusted devices, especially for logging on to online banking i.e. not someone else’s device or a public device that could be infected.

6. Be cautious of using single sign-on options as this could assist a hacker in obtaining easier access to all of your online accounts in addition to the individual account/s hacked.

7. Don’t use saved website addresses, but rather type out the website every time when logging onto a site as a virus could simply redirect your search to a very legitimate looking fake site to obtain your login details.

8. Be wary of using free wifi unless you have been given a unique password to avoid the “middle-man” crime where someone else logs onto the same free wifi and hacks it to redirect you to fake sites and again obtain your login details.

9. Be careful what you load onto social media sites as this is where hackers obtain your personal information to make their fake e-mails seem legitimate. They also use your personal information to guess your usernames and passwords.

10. Never accept a change in banking details received via an e-mail. Rather always confirm such a change telephonically. In turn, advise your clients that your business will not change its banking details and that if they get any such notification, no matter how legitimate it looks, they must phone you to confirm.

Implementing the above measures may assist you in limiting your exposure to the harsh effects of cyber-security and help you build client assurance against these risks. It may further be advisable to conduct a cyber security assessment to highlight risk areas and to review your business insurance to ensure that you are satisfactorily covered in the event of experiencing a cyber-attack. 

At Goldberg and De Villiers we take an interest in our clients’ businesses and it would be our pleasure to be of service to you.
(with thanks to Kevin Hogan at Investec for his insightful presentation)

For more information contact Sandy Leigh Scholtz, Corporate and Commercial Department on 041 501 9800.