20 Feb 2009
Online crime is costing small businesses £800 a year on average, according to research from the Federation of Small Businesses (FSB).
Fifty-four per cent of small firms said they were a victim of crime last year, according to the Inhibiting Enterprise: Fraud and online crime against small business report.
About a third of respondents reported problems with phishing emails, 15 per cent said they were victims of card-not-present fraud, and another 15 per cent complained of IT problems caused by viruses and hackers.
Most fraud costs small businesses between £500 and £5,000, while the average cost across the sector is £768 a year, said the FSB.
There was also a clear message from small firms that the current fraud reporting system is inadequate.
One third of respondents said they do not report fraud or online crime to the police or their banks because of a lack of faith in the system.
In addition, 53 per cent said they needed clearer information about how and where to report this type of crime, while 44 per cent said needed a specific fraud and online crime contact in their local police force.
Mike Cherry, chairman of home affairs at the FSB, said businesses are being left exposed. He added that the forthcoming Police Central E-crime Unit and the proposed Nation Fraud Reporting Centre will need to work closely if they are to set up an effective intelligence gathering system.
“E-crime is becoming an increasingly serious issue for small firms, which are losing up to £800 a year to fraud and online crime – a cost which could have a significant impact on a small business," said Cherry.
“The internet is a huge and unregulated area, but businesses need to have confidence that there are at least some structures there to support them."
SMEs falling victim to fraud via phishing emails, viruses and hackers are evidence that fraudsters have targeted the weakest link in the chain: human nature.
In a recent case, over 2,000 C-level executives in the U.S. fell for an email scam that claimed they had been sued in federal court and must follow a weblink to download court documents. Concerned executives did just that and were taken to a phony website where they had to install browser plug-in software to view the documents. That software enabled the criminals to almost limitlessly access the victim's computer.
These examples show how spammers are playing on two elements: their victims' fear that they have done something wrong and the impact of 'official' documents.
Dealing with this type of spam requires a three-pronged approach. The first two are obvious: using anti-spam and anti-phishing software as well as anti-virus engines to check web downloads, including viruses on websites that spam emails point too.
The third is education. Employees need to be told (and regularly reminded) NOT to open any emails that look suspicious. Even if they appear genuine, official entities will only use official letters in the post and never emails to notify people of pending legal action. If unsure, making a call to verify its authenticity will only take a few minutes.
The question is: how many employees are actually listening?
Yours truly,
David Vella
Director of Product Management
GFI Software
www.gfi.com
Posted by: David Vella 20 Feb 2009
Have your say on this article
Newsletters
Latest stories from Security Technology
Latest videos
You may also like
Security Technology jobs
Will Google’s new privacy policy impact how you use its services?
Rubbish in... rubbish enterprise. Why proper data management is so important (video, 6 min)
This Forrester report compares the costs and benefits of legacy email and productivity software with Google Apps
Upcoming Events
Join us to meet other professionals tackling this issue, and hear from Goy Roper, interim head of ICT of Norfolk County Council how his organisation deployed a flexible and intelligent network to cope with the challenge
Date: 07 Mar 2012
Time: 9am
The implementation of robust, relevant digital strategies is more crucial than ever to the success of insurance businesses
Date: 01 Mar 2012
Time: 09:00am
Receive the latest jobs direct to your inbox
Are you being paid what you are worth?
