More Security, Security, Security!

Did you know that an email can be intercepted? Or that your Microsoft Office 365 service can be hacked and your Facebook, Twitter and LinkedIn accounts are (almost) constantly under attack? You may be wondering why ...

In its simplest form, cybercriminals are looking for vulnerabilities in any accounts they can find online, be they email or social. The serious type of vulnerabilities could cost your business big money if they are compromised.

"Let's take a closer look!"

Interception of emails to and from your customers is a big deal. You send invoices to your customers and receive them from your suppliers, and they often include bank details for payments. Manipulated emails can be sent to look like coming from an MD of FD to ask the accounts department of the receiver to pay a supplier. So, you could get your emails intercepted, and so can your suppliers sending them to you. You could end up sending money to a scammer, and the same could happen to your customers when you are expecting payments from them.

From personal experience, one such email cost a company around £20k from a single fraudulent email. The MD's email account had been compromised and with access to the diary, the fraudster knew to write the email as if he was on the plane and asking the lady in their accounts team to make an urgent payment. Another email interception led to an invoice being manipulated and bank account details being changed.

"The customer thought he had paid the £8k invoice until the supplier was demanding payment!"

Compromising an Office 365 account may give access to letterheaded paper as well as lists as many companies still have spreadsheets with full details of customers on them. As you know, data protection is law is not just a directive as in previous years. There are hefty fines involved so you could lose big money in that respect too if the Information Commissioners Office gets involved.

With the world revolving around data, security and protection is paramount and unless you are a large enough company to have in-house expertise in cyber security, then chances are, you are relying on your IT company to also have the depth and breadth of knowledge in firewalls for your servers and/or the understanding of the complexities of protecting emails.

"Another part of security is your data backup. Can your business recover if there was a breach and the data was compromised?"

Having the right procedures in place, looking at new technologies that encrypt emails before they leave your outbox and securing data in 'the cloud' or on on-site servers/storage solutions should all be part of ongoing IT reviews and testing of IT systems and firewalls.

In previous blog posts, I have spoken about direct attacks on your systems through other connected devices and this edition covers indirect and seemingly invisible threats to your business.

Talk to the experts, look at email security in particular, check your Office 365 account passwords and make sure that they are regularly changed and secure.


If you feel inspired to find out more then do call me on 07555 807700 or leave a comment below and I'll be in touch as soon as I can.