FOCUSONFINANCE
The dangers of vishing to small businesses cannot be ignored Paul Nixon Partner 01233 629255 (Ashford) Paul.Nixon@wilkinskennedy.com www.wilkinskennedy.com
Wilkins Kennedy and Natwest recently held a joint seminar, on cyber security and fraud awareness, where we introduced to the world of ‘vishing’ and ‘phishing’ and the perils of scammers who target large and small businesses every day. The word ‘phishing’ is used to describe the attempted acquisition of sensitive information by electronic means and vishing is that by telephone. Fraudsters will try any means to get you to give them information. Anyone can be targeted but small businesses are particularly vulnerable as there are not normally the controls in place where you have a process to go through before making a payment. An SME business may also rely on off the shelf products for internet protection with the use of firewalls and spam filters, and this is where fraudsters can gain an advantage. The additional danger with vishing, is that it relies on the good nature of the person on the other end of the phone to believe that who they are talking to is genuine. Unfortunately when most people speak on the telephone they give away personal information
without knowing it. A fraudster may ring you a number of times before asking for the sensitive information. In the calls they have made before they will know you have been on holiday, the names and ages of your children maybe even that it’s your birthday. All of this information is gathered so that you have trust in the person who rings you, so when they ask for the sensitive data in respect of passwords and user identification you can quite easily give this information out without thinking about it. The threats to your bank account are: 1. You give the fraudster information that means that they can access your bank account and pay money out without your knowledge 2. The fraudster gives you incorrect details of a change in bank account for one of your suppliers and instead of paying the supplier you pay the fraudster.
There are some golden rules that can help you beat the fraudster: 1. Treat every phone call as a knock on the door. You would not give a complete stranger details about you or your family just because they rang your door bell! 2. If you are advised of a new bank account (by telephone or by email) for a supplier or someone you pay regularly, make sure that you have hung up the phone call and ring the company or business you are dealing with back. If possible use a different number and ask for accounts and not just the person whose name you have been given. Confirm the details of the payment you are about to make and the destination bank account 3. Never click any links to online banking via email - always log on to a website directly
4. Most importantly, remember that legitimate companies will never ask you for your full PIN number or any passwords, so if anyone call you and asks for these hang up immediately and report the incident to Action Fraud 5. And finally if it does not feel right and you have any concerns about what you are being asked to do DO NOT DO IT - most victims of fraud admit to it not feeling quite right about what they were being asked to do but could not quite put their finger on why! Our September seminar was so popular we are re-running the event on 23rd February 2016 with details appearing on our website www.wilkinskennedy.com If you want to keep on top of the latest reported scams, you can also visit the Metropolitan Police Fraud Alert website at www.met.police.uk/fraudalert or www.getsafeonline.org
December 2015 - January 2016 ThinkingBUSINESS
7