In part 1 of our article we shared with you our seven basic tips to assist in protecting your online reputation. In this part 2 article, Michael Murphy, having advised clients for risk avoidance and insurance purposes, shares his experience and six tips to be ‘cyber fraud aware’ and to avoid becoming a victim of a cyber attack:-
- Do not be lured into sharing sensitive or personal information with somebody whose identity you have not properly established. Conduct yourself online as you would on a day to day basis – you would not walk up to a perfect stranger and share your closest secrets with them, so guard your details when establishing a new connection on Twitter, LinkedIn or other website. Cyber criminals can be very convincing so be aware of the risks of identity theft and fraud.
- Never, under any circumstances, share or input your bank account details unless you have properly established that you are dealing with a legitimate party/website – look for the ‘lock’ tab in the URL to make sure that you are dealing with a secure, legitimate site. Sometimes if a ‘bargain’ looks too good to be true, you should carefully check to ensure that you are dealing with the legitimate website, particularly as the ‘fake’ sites can be designed to look very similar.
- Always verify bank account details directly, not by email, before making a transfer. If you are transferring funds and relying upon email for the other party’s bank account details, always be sure to verify directly with the party (in a form other than email) that those details are correct – particularly if they are differ from any previously provided account information. Never rely just on email as cyber criminals can intercept communications. Once the money is gone (often to another jurisdiction), it can be very difficult, if not impossible, to recover such funds.
- Do not open any suspicious emails or click on any links due to the risk that it may be part of a phishing scam. If you receive an unusual email purporting to be from a colleague asking you to make an urgent funds transfer, check with the colleague in question in person before acting on the request. Often fraudsters will use your online presence as part of their attempts to send a convincing phishing email and, if you are not careful, you can become another cyber victim.
- If your organisation is the subject of a “Denial of Service” attack and is the subject of blackmail, discuss the options open to you with your IT department/contractors and obtain urgent legal advice. Check the terms of any cyber insurance that might be in place and alert the authorities. We recommend that organisations have in place Cyber Risk Procedures and Protocols for such eventualities. We can assist in the drafting of any such documents.
- If you are in a senior management position in your organisation, we recommend that you put cyber risks to the forefront of your firm’s risk management assessments. This is also important in light of the General Data Protection Regulation coming into effect on 25th May 2018. We are available to assist with the provision of cyber seminars and training to Boards of Management and/or end users. In the training we address the cyber risks that they should be aware of as they are on the ‘frontline’.
If you require legal assistance on any of the topics discussed please contact Michael Murphy, Senior Associate.