Cyber fraud costs UK businesses approximately £27 billion per year and can severely affect the brand and customer confidence of franchise networks. You may be aware that there has been a rise in cyber-crime during the current COVID-19 pandemic, with cyber-criminals using public interest in news and government support packages as a new means of infecting internal systems. In this blog, Goldstein Legal will explain these new attacks and offer guidance to help franchisors and franchisees mitigate such risks. While the below is specifically aimed at the franchising community, the information is also applicable to other business operations.
What does cyber fraud look like?
The primary method currently used to defraud unsuspecting businesses is the use of ‘phishing’ emails. It is estimated that almost half of all UK fraud cases arise from ‘phishing,’ while identity theft, the use of malware, and money laundering are also prevalent.
At is core, ‘phishing’ is the sending of emails whereby a cyber-criminal portrays themselves as a trustworthy individual seeking specific information or encouraging an action. While not always easy to identify, a fraudulent email will usually contain some, or all, of the following characteristics:
Franchisors and franchisees are especially encouraged to watch out for any unsolicited communication related to the COVID-19 outbreak. There have been ongoing reports of fake government headed emails being sent to multiple organisations encouraging the recipient to sign up for various Coronavirus support packages, including VAT suspension. Such emails have been reported to contain the request of immediate action by way of clinking a link incorporated within the email itself. Upon doing so, the unsuspecting user is potentially exposing the system to malware or a similar form of attack.
How does it affect businesses?
Fraud can have a devastating effect on a business, both internally and through the perception of clients and customers. A defrauded company may experience some, or all, of the following consequences of an activated ‘phishing’ email, depending on the scale of the fraud:
What steps can I take to help prevent this?
It is imperative the franchisors and their franchisees have robust training, reporting, and IT support programs in place to help minimise the threat of cyber-crime. In the current climate, the move to home working has also contributed to the rise of attacks as employees are effectively working in isolation. Accordingly, businesses should:
In general, businesses should regularly encourage employee vigilance to combat cyber-attacks. Each employee is equally likely to be targeted in a company where every worker has an email profile. This is particularly pertinent given the current threat of increased ‘phishing’ in relation to COVID-19.
You may also be interested in