
Fraud Protection
Head back to our dedicated hub for the latest fraud trends and useful resources to help protect your business from cyber criminals.
‘Malware’, short for ‘malicious software’, is used by criminals to disrupt computer operations and access confidential information.
Malware can be installed into your computer or your mobile device through clicking a link in an email or text message, opening an attachment to an email, or by downloading software from a malicious source.
Many people assume that their IT Department’s systems will offer malware prevention, but it’s very important that everyone in an organisation is aware of the risks.
Malware can be categorised into two forms: Ransomware and Trojans.
Ransomware enables a fraudster to gain control of your system in order to encrypt your files, demanding a fee to unlock them. Without the decryption code, it is very unlikely that you will be able to access your files again.
Though in many cases the criminals will restore files when the ransom is paid, there is no guarantee this will be the case. Hackers have been known to share stolen private customer information free of charge on the web in order to punish a company for not paying their proposed ransom.
In the case of the US software supplier Kaseya^ (a company which provides software tools to IT outsourcing shops), their own systems were used to infiltrate across its supply chain which meant that up to 1,500 businesses were affected by the ransomware attack.
Trojan programs are a type of malware that enter your computer or mobile device on the back of other software. They act as back doors to the computer, mobile phone or tablet, granting a fraudster remote access.
Once inside your device, a Trojan can give a stranger access to your personal details by taking screenshots or capturing keystrokes.
When logging into online banking websites or banking apps, an unexpected screen might appear, delaying you or asking you to repeatedly input data. While you are delayed by these, a fraudster could be setting up another payment elsewhere, waiting for you to unwittingly authorise it by inputting your PIN and/or other security details.
Trojans remain passive when not in use, making them hard to detect. Firewalls and anti-virus software help to defend against Trojans, but can’t guarantee your protection.
You should always be cautious of ‘pop-ups’ on your screen requesting that you put your card into the reader, input your PIN or other security information, or allow a download.
Ransomware is a particularly difficult type of cyber attack to handle, as many of the ways of countering the attack are actually counterproductive.
Companies are increasingly taking out cyber extortion insurance, which is in effect providing ransomware operators with a guaranteed source of income.
Cyber Intelligence at Barclays report that they have seen criminals try to obtain information about the value and extent of companies’ cyber insurance policy so that they know how much of a ransom to ask for.
As a result, companies should do everything they can to ensure the best controls are in place in order to avoid falling victim to a ransomware attack.
Attackers will often try to target you when making payments or accessing online banking services via your PC or mobile device.
Take a look at some of our tips to help protect your online transactions:
If your computer or mobile device does get infected, disconnect from the network straight away and seek professional assistance. The NCSC (National Cyber Security Centre) provides step-by-step guides with advice on how to remove malware.
Files encrypted by most ransomware typically have no way of being decrypted by anyone other than the attacker, but the following steps may also limit the impact:
The No More Ransom Project^ provides a collection of decryption tools and other resources from the main anti-malware vendors which may help.
Head back to our dedicated hub for the latest fraud trends and useful resources to help protect your business from cyber criminals.
Ransomware attacks are growing in the UK. To foil the cyber criminals, British businesses need to invest in resilience, cyber education and training.
Latest insights