
Last year, Tesco Bank reported that £2.5 million was stolen from 9,000 accounts by cyber criminals. Some customers received text messages from the company in the early hours, warning them of fraudulent activity on their account.

The bank temporarily suspended online payments of 20,000 current account customers. Luckily, no personal data was stolen and all affected accounts were refunded.

Follow these 10 steps to prevent the risk of fraud:

  1. Be vigilant - conduct due diligence on all business associates and third parties so you know who you're dealing with. Watch out for tell-tale signs (red flags) of suspected fraud - including employee fraud, cybercrime, customer or corporate fraud.
  2. Act ethically with integrity and honesty - only make honest declarations (about your credentials, qualifications and expenses); avoid giving unauthorised people access to your company's data, systems, or information.
  3. Only share information on a 'need to know' basis - to prevent identity fraud.
  4. Make sure you don't become an unwitting accomplice - to unscrupulous employees, customers, suppliers or others in acts of fraud.
  5. Keep anti-virus software up-to-date - don't disable it and make sure updates are installed as soon as they become available to plug known vulnerabilities.
  6. Follow your company's information security rules - for example, make regular backups of data, avoid sharing passwords, ignore unsolicited emails or phone calls requesting information (don't be pressured into breaching company rules), encrypt or password-protect data which is sensitive or personal, don't click on links in unsolicited emails, avoid using public WiFi hotspots to link to your firm's network, and don't connect personal devices or download unauthorised apps.
  7. Co-operate fully and immediately with any guidance provided by IT which is designed to prevent fraud - for example, on using firewalls, updating anti-virus software, avoiding malware, and so on.
  8. Watch out for possible signs of a DDoS attack - for example, uncharacteristically slow response or network performance when opening or accessing files, unavailable websites or an inability to access your firm's website, or a dramatic increase in the amount of junk mail you receive.
  9. Report any knowledge, suspicions or concerns about fraud or suspected fraud immediately - inform your manager or IT of anything suspicious or of any errors.
  10. Don't try to hide your mistakes - the sooner you report them, the quicker your company will be able to limit its losses.
