Most cyber fraud is just conventional fraud that takes place online. When trading online, use the same controls your business exercises when accepting orders placed by telephone or post. There are four types of frauds and scams that are particularly suited to cyber attack:
- Payment card fraud – paying for goods or services using stolen or invalid payment card details.
- Online fraud - ordering goods with your personal or business payment details while requesting delivery to somebody else.
- Passing off - somebody else pretending to be you so they can take away sales from your business.
- Social engineering – gathering confidential information, either to give credibility to a conventional fraud attempt or to discredit your business or to sell details on to others.
Cyber frauds and scams often start with spam emails, sent at random, usually to a large volume of email accounts in the hope that some recipients will respond. Some will offer bogus financial or other incentives, while others pretend to be from an official source (eg a bank). They usually request that you click on a web link and fill in a form using your business information.
A good way to protect your business from trickery is to make sure you know your customers – Find out more about IT security and supplier relationships.
The more dangerous attack is one that is specifically targeted at your business, perhaps using information gained from your website or even by phoning your business and speaking to you or your staff. Always be suspicious of customers or suppliers whose details you cannot independently verify.