Trade – you’re at risk of cybercrime!

Trade - cyber risk - A-Plan Insurance

You may think that you, and your business, are unlikely to be targeted by scammers, and it’s understandable to think that way. You don’t use a computer all day and are unlikely to have ‘IT infrastructure’. You likely see yourself as a small business and feel that your data is not particularly valuable to scammers or attackers.

The reality is the opposite.

Your data (and that of your customers) and systems are still at risk. Scammers looking for a quick win will go after the size of a vulnerability, not the size of the company, and from their perspective it’s a case of ‘the smaller the company, the easier the target’ – and the trade is a current target.

Earlier this year, GCHQ published its first ever findings on cyber security for the UK construction industry illustrating the growing need to raise awareness in the sector. While larger construction firms are likely to have firewalls and training in place to try to reduce the risk moving forward, smaller businesses and sole traders remain at high risk.

We talk to cyber expert, Francis West, CEO of Security Everywhere about the risks to the trade.

Francis has a great reputation for offering down-to-earth examples, and great advice to help protect your business – and your customers’ data. He is on a mission to ‘protect a million people from hackers and scammers by 2023’ so we’ve teamed up with him to help him reach as many as possible.

What is classed as ‘data’?

You may be surprised at the type of information you could be targeted for, how you could be targeted, and why.

See also  Insurer that Acts in the Custom & Practice of Industry Acts in Good Faith

These are some examples of data you are likely to hold that a scammer would be interested in:

Customer bank or credit card detailsPersonal addressesEntry door and alarm codesAny and all information to find and enter your customers’ virtual or physical addresses

In a nutshell, the data you hold is a conduit to your customers – to breach this data could put a customer at risk, enable them to sue you, and cause you irreparable reputational damage.

What is cybercrime?

Think about the threat of cybercrime in terms of a house. You have ‘Norton’ or ‘McAfee’ installed which protects your front door. But if someone wants your data, they will come through the floorboards, the ceiling, the chimney, the windows.

The reason why the trade is being targeted is because scammers know that the industry doesn’t take it as seriously as it should. Small trades are an ideal target for a scammer to take £50 off 3,000 people in one day for a quick win! Barely noticeable, until you add it all up.

These are some examples of types of cybercrimes:

Supply chain scams

Business owners can be incredibly trusting about their supply chains. This could be a site cleaner being bribed to insert a USB pen into a computer in the office after hours – in fact 99% of businesses don’t lock down their USB ports and scammers are aware of this!

Or consider when you pop out to pick up supplies – and you log into a merchant’s open Wi-Fi to check your messages or order confirmation. A hacker can tap into open Wi-Fi – and you then carry the infection home with you, so that the hacker can access your home system as well.

Spear-phishing

You may have heard of ‘phishing’ which is where an email or text is sent out randomly in the hope/knowledge that someone will pick it up and click or pay for something they shouldn’t.

See also  Maryland License Plate URL Now Directs To An International Gambling Website

Spear-phishing is very targeted. The scammer knows who he is targeting, likely the owner of a business. That could be you. You may be targeted for a fake email alleging to be from your usual supplier, it may look identical, but it isn’t from them. They could even call, maybe offering you a refund as they overcharged you and requesting your bank details. Or you could receive a text asking you to pay an outstanding invoice.

Ransomware

Many don’t realise that ransomware is quite literally holding you to ransom while the scammer has control over your systems or data.

The scammer will encrypt your data, leaving you with a message on your computer or mobile phone wanting something around £10,000 or more in Bitcoin to release your data. This can become even more sinister when personal threats are made to you or your loved ones.

If you couldn’t contact your customers or contractors for days, or weeks, on end, could you do your job? It’s important to protect yourself.

The importance of password security

Password security is an easy-to-fix essential component of good cyber health. Whether using a mobile phone or laptop, whether for personal documents, system log ins or social media – switch all of your predictable, short passwords like family or pet names, and the ever-popular password ‘passw0rd’ to something harder to crack.

Test the strength of your password here. Don’t worry, it is a safe site – it will tell you how long it would take to crack your password. A password like ‘Charlie’ would be cracked instantly, where an abstract password like ‘deskhatsunshine2022’ would take two hundred million years! And an exclamation mark to the end and you’re safe for two hundred billion years.

See also  Akio Toyoda May Have Lost the Job Title, But He's Still the Guy

Choose your new password using the recommended length for security and check it again.

How secure are you?

Did you know that there is no ‘national cyber security helpline’ available for you to call should the worst happen? You can report an incident to Action Fraud, but that is not going to get you out of hot water, nor can they really advise you on how to safeguard your systems in the first place.

Computers and mobile phone operating systems aren’t designed to safeguard you either.

Ultimately, the responsibility is yours. Scammers know that most tradespeople do not have any protection on their mobile devices, in particular.

One way to look at cyber security is to consider your car, or van. Who is responsible for driving it safely, making sure it’s locked up, roadworthy, insured – is it the manufacturer, or is it you?

Now think of data as you would your tools, or money – how locked up is this information?

If you have two minutes to spare, take this FREE QUIZ and receive an instant FREE overview of how safe you are.

Expert advice for the trade

It’s important to consider the implications – and financial cost – of a cyber-attack on your business, whether small or sole trader. Expert advice is at hand for small businesses – Francis has offered A-Plan business clients a 10% discount on first-year security via his Security Everywhere services. Simply use the code APLAN10.

If you have concerns or would like to talk to us about business insurance, including cyber insurance and whether it’s right for your business, give your local business branch a call. The team will be happy to advise you.