Tesco Bank reported that £2.5 m was stolen from 9,000 accounts by cyber criminals in 2016. Customers received texts in the early hours, warning them of fraudulently activity.
Follow these 10 steps to prevent the risk of fraud:
- Be vigilant - conduct due diligence on all business associates and third parties so you know who you're dealing with. Watch out for tell-tale signs (red flags) of suspected fraud - including employee fraud, cybercrime, customer or corporate fraud.
- Act ethically with integrity and honesty - only make honest declarations (about your credentials, qualifications and expenses); avoid giving unauthorised people access to your company's data, systems, or information.
- Only share information on a 'need to know' basis - to prevent identity fraud.
- Make sure you don't become an unwitting accomplice - to unscrupulous employees, customers, or suppliers or others in acts of fraud.
- Keep anti-virus software up-to-date - don't disable it and make sure updates are installed as soon as they become available to plug known vulnerabilities.
- Follow your company's information security rules - for example, make regular backups of data, avoid sharing passwords, ignore unsolicited emails or phone calls requesting information (don't be pressured into breaching company rules), encrypt or password-protect data which is sensitive or personal, don't click on links in unsolicited emails, avoid using public WiFi hotspots to link to your firms' network, and don't connect personal devices or download unauthorised apps.
- Co-operate fully and immediately with any guidance provided by IT which is designed to prevent fraud - for example, on using firewalls, updating anti-virus software, avoiding malware, and so on.
- Watch out for possible signs of a DDoS attack - for example, uncharacteristically slow response or network performance when opening or accessing files, unavailable websites or an inability to access your firm's website, or a dramatic increase in the amount of junk mail you receive.
- Report any knowledge, suspicions or concerns about fraud or suspected fraud immediately - inform your manager or IT immediately of anything suspicious or of any errors.
- Don't try to hide your mistakes - the sooner you report them, the quicker your company will be able to limit its losses.
Want to learn more about fraud & compliance?
If you'd like to stay up to date with fraud best practices, industry insights and key trends across regulatory compliance, digital learning, EdTech and RegTech news subscribe to Skillcast Compliance Bulletin.
You can follow our ongoing YouGov research into compliance issues, attitudes and risk perceptions in the UK workplace through our Compliance Insights blogs.
And if you're looking for a compliance training solution, why not visit our Compliance Essentials Course Library.
Last but not least, we have 60+ free compliance training aids, including assessments, best practice guides, checklists, desk-aids, eBooks, games, handouts, posters, training presentations and even e-learning modules!
If you've any questions or concerns about compliance or e-learning, please get in touch.
We are happy to help!