Conference to explore rise in cyber crime

Up to half-a-million small and medium-sized businesses in the UK could have been victims of cyber crime through their emails at an average cost of £27,000, according to research carried out by Lloyds Bank.

Dubbed ‘impersonation’ or ‘CEO’ fraud, cyber criminals are using ‘business email compromise’ to steal money or upload malware to corporate computers. Attackers typically hack the email accounts of senior personnel, such as chief executives, and then send messages to employees in their name, using the target’s rank to encourage either an unauthorised payment or the opening of links or documents.

Any payments secured usually go to bank accounts controlled by the criminals. The links or documents typically contain malware, which allows the criminal access to the firm’s computers.

According to industry reports on the Lloyds Bank research, 53% of respondents said they had experienced scammers posing as their boss and 52% said they had experienced fraudsters posing as suppliers to demand payments.

Andy Watterson, Business Crime Manager at East Midlands Chamber (Derbyshire, Nottinghamshire, Leicestershire) said “These tactics are becoming increasingly popular among cyber criminals because employees tend not to question an email that comes from their boss, especially if it tells them to make a payment to what looks like a genuine supplier”.

He added: “Lloyds Bank calculated that about 500,000 SMEs in the UK have probably been affected by ‘impersonation’ or ‘CEO’ fraud. Lloyds also found that there had been a 58% rise in this type of cyber crime so far this year, with legal firms being the most at risk. Businesses need to make sure their staff are alert to this threat and are trained to recognise and block it.”

Later this month, the Chamber will be hosting its annual East Midlands Cyber Security Conference.

The theme of the conference will be ‘digital risk’, where delegates will be encouraged to take a ‘360 degree’ look at their business to identify the areas in which they use IT and data and learn practical measures and strategies to reduce the risk of attack, fraud or data loss.

By examining the consequences of a fraud, breach or data loss, delegates will be better able to assess the risks and consider what action they should take to reduce it, just as they would for other risks to their business, such as regulation, fire and flood.

Through a series of workshops, panel discussions, exhibitions and guest speakers, delegates will get practical guidance to steer their thinking on cyber security both from a technical standpoint and about the processes and governance needed to underpin it.

This event, which is free for Chamber members, is for all businesses, regardless of size or activity, and includes a networking lunch and exhibition.

Andy added: “Cyber criminals are getting cleverer by the day and the potential costs of not preventing cyber crime are increasing on a par with the risk, so companies must remain up to date about the latest risks and know what steps to take to remove them.”

The conference takes place at Chesterfield FC’s Proact Stadium on Thursday 27 September, starting at 9am. To see the full agenda and to book a place, click here.