
Fraud Protection
Head back to our dedicated hub for the latest fraud trends and useful resources to help protect your business from cyber criminals.
As workforces have become more mobile, employees no longer always work on a single trusted network, making security more difficult.
There are various different types of network attack, but all require the exploitation of an unsecured network. Where the network is not encrypted, an unknown third party may intercept communications that are being sent.
Emails are the main communication method for most companies, yet it is often forgotten how unsecure the communications are. An email can be thought of like a postcard — it can be read as it moves across networks.
It is therefore important that sensitive information is only sent over encrypted networks. Secure Sockets Layer (SSL) is the standard security technology for establishing an encrypted link between a web server and a browser.
Man-in-the-middle attack
In a ‘Man-in-the-Middle attack’ (MITM attack), the attacker intercepts the network and watches the transactions between the two parties. They are then able to steal sensitive information, such as account passwords, banking details, or customer data.
A common example of a MITM attack is ‘active eavesdropping’. This is when the attacker makes independent connections with the victims and relays messages between them to make them believe they are talking directly to each other over a private connection, when in fact the entire conversation is controlled by the attacker. The attacker is able to intercept all relevant messages passing between the two victims and inject new ones.
Distributed denial-of-service attack
A Distributed Denial-of-Service attack (DDoS attack) is when a hacker tries to bombard a website with traffic from multiple sources, causing the site to become overwhelmed and crash.
Attackers create a network of infected computers known as botnets by sending and spreading malware through websites, emails and social media.
Once the malware has been distributed it allows the hacker to launch an attack remotely, sometimes using a botnet of over a million different users, without their knowledge.
There are places on the Dark Web where it is possible to buy and sell botnets or individual DDoS attacks. For a small fee, a fraudster can disrupt an organisation’s online operations, causing them to lose out on sales and suffer from damage to their reputation.
If you believe you may have fallen victim to a network attack, contact us immediately. Our team will try to recover the money from the fraudster’s bank account. The quicker you alert your bank, the greater the chance of recovering the funds.
Report it to ActionFraud – the police’s national fraud and cyber crime reporting centre. Even if you’ve not suffered any financial loss, this will allow the police to analyse trends and help them to prevent fraudsters exploiting other companies. You can file a report via their website at www.actionfraud.police.uk^, or call 0300 123 2040.
If you have any queries, please speak to your Relationship Director.
Head back to our dedicated hub for the latest fraud trends and useful resources to help protect your business from cyber criminals.
What is a data breach? Read practical tips to keep your business safe.
Latest insights