Is your business at risk, would you be able to spot a cyber attack to your business?

British Jewellery & Giftware International would like to make members aware of potential risks to your business from cyber attacks and phishing emails, these types of attacks are seen more and more frequently and have had some major efforts on businesses around the world. We would advise you to review the links below to make yourself aware of these threats and educate yourself in what to look out for if you are targeted.

10 Steps to Cyber Security

The UK Government has re-launched  '10 Steps to Cyber Security’ offering updated guidance on the practical steps that organisations can take to improve the security of their networks and the information carried on them.

http://www.gchq.gov.uk/press_and_media/news_and_features/Pages/Relaunch-10-Steps-to-Cyber-Security.aspx

Point of Sale Security

Leading IT security firms are predicting a rise in attacks on point-of-sale (PoS) systems in 2015.

http://www.symantec.com/page.jsp?id=secure-your-point-of-sale-system

Trend Micro reported that 2014  went down in history, as year of the “largest retail hacks”. 
http://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/protecting-point-of-sales-systems?linkId=12541780

According to Experian, 60 percent of SMBs that suffer a data breach, go out of business within six months.

http://www.experian.com/blogs/business-credit/2013/11/26/experian-data-breach-resolution-advises-small-businesses-to-be-prepared-for-a-data-breach/

If you do not have the IT expertise within your business to deal with these threats, we would recommend engaging the services of a reputable IT support company, preferably one who has experience in your sector. They will understand the challenges you face, and offer relevant advice.

Phishing – Social Engineering

Targeted attacks are predicted to increase in 2015 using social engineering or ‘Phishing’ techniques to gather information on selected target.

Phishing attacks can lead to malware being downloaded, which can then be used as a springboard to launch more sophisticated, targeted attacks.

The recent theft of over £650, 000 from banks worldwide, started with malware being downloaded onto an employee’s computer

1. Avoid opening attachments or clicking on links from unknown senders. This is one of the primary methods that cybercriminals use for installing malware on your device.
2. If you do not personally know the sender of the message, do not download the attachment or click on any links. Think twice before clicking on any links in emails. These may take you to a site which will then attempt to download Malware onto your computer.
    
3. Think twice before sharing personal information. If you do visit a website from an email and you are asked to supply your name, address, banking information, password, or any other personal information—do not give this info, as it is likely a phishing attempt. If you have any doubts on the validity of a claim, give the company headquarters a call to verify.
    
4. Be cautious on social networks. Cybercriminals take advantage of our natural instinct to trust those we know well. By hacking someone’s social media account and posting a link or sending a flurry of messages as that person, criminals know that they have a high likelihood of duping people into clicking on a link. Even if sent through a friend, be cautious if things look suspicious, especially if the message contains only a link and no text.

Further Reading

• Overview of Phishing 
• In depth report on Social Engineering  from Mcafee
• Security predictions for 2015 from Trend Micro
• The ‘Bank Job’....