Cybersecurity 101: How Can Businesses Keep their Money Safe Online?
With an estimated $3tn lost through cyber crime in the last year, cybersecurity is absolutely critical for any business these days. TFG explore and investigate a few of the ways businesses are dealing with keeping their money safe online, as well as a few smart tips to spot spam, scam and suspects on the web.
The concept of the internet as a source for collaboration, sharing personal information and virtually handling payments has been somewhat uneasy and daunting since the boom of the internet. With cybersecurity and cyberthreats at the top of many company agendas, Trade Finance Global took a deep dive into some of the tools businesses are using to keep their money safe online.
The innovation and investment that the internet has created has inadvertently paved the way for hackers and money laundering; it’s estimated that some $3tn worth of cyber crime damages was done in 2016, and so it’s important to ensure a few things when you’re making transacting over the internet.
There are some simple tips you can keep in mind while shopping, banking or conducting any business online.
Ensure you are on a secure site
How do you know this? Look for the lock icon up in the browser and pay attention to security warnings or pop-ups — don’t simply ignore them. Also, do not click on any pop-ups unless you know they are indeed a part of your computer’s security monitoring software.
There are several types of security certificate, the EV (extended validation) Certificate being the highest. Many larger businesses which are e-commerce sites such as Amazon and eBay have EV certification which is harder to obtain as you need to prove that you are a legitimate business. Less secure sites with https protocol could still be dodgy – as an example, if you went to the website: https://www.p4pal.com, it would still have a domain validation certificate, but not an EV.
You can check if a website has an extended validation certificate by looking at the URL nav bar. Browsers would show a lock icon and a green address bar if they have EV certificates, as shown in the image below:
Use a secure WiFi connection
Although it is easy to jump onto your work or public WiFi while out-and-about in order to check your corporate emails, do internet banking, check your investments or do some shopping, but unsecured WiFi connections are hackable, and personal information could be hacked, so it’s always best to avoid sharing personal information over unsecured WiFi where possible and to ensure that your information stays safe.
According to a survey of Americans in 2016, 60% believed that their information is safe when using public WiFi, and only half think that they bear personal responsibility for ensuring that their data is secure.
The issue is that unsecured WiFi networks are inherently susceptible to interception as the data is not being sent to the router securely (e.g. via WPA or WPA2 protocol). This leaves the data at risk of being intercepted and then used maliciously by hackers, in particular, bank card and personal identity information.
Track your accounts
It is always recommended that you monitor all of your accounts and also set-up alerts to notify you of any changes. This way, you are sure to be notified if something happens.
Secure your passwords
Keep your passwords in a safe location. Nowadays many companies use a password manager such as dashlane password manager or LastPass. This method works great for enterprises and individuals alike. Also, try not to send your passwords to others via email, messenger, text message, etc.
Beware of phishing emails
Never process a transaction from an email link. Often these are scams and are considered “phishing” emails. Clicking on an unknown link or one you aren’t expecting is one of the number one financial scams around.
Many phishing emails are constructed poorly and it’s quite obvious they are fake, but nowadays, the level of sophistication of phishing scams is much higher, using similar tactics to those of marketers to get you to click on their links. Phishing campaigns might piggyback of events, anniversaries or topical stories.
In the case of phishing, someone would receive an email from a ‘known’ contact in their contact book. The email would attach a malicious file attachment that contains phishing software, or just a link through to another malicious website. The objective of the attack is to get you to install malware on your computer or device and divulge into personal information or financial records, as well as account IDs and credit card information.
The larger a company gets, the more important security is, due to the amount of sensitive data or financial information it is more likely to be housing on its servers. Therefore, security is key. In fact, big name companies like Google, Apple, Facebook, PayPal and PokerStars have reinforced their security to provide users with a more secure service, and one of the methods is the use of SMS messages to verify security. In the cases of PayPal and PokerStars, this concern is of even greater importance and scope due to the number of monetary transactions being made, and therefore each company indeed has powerful systems of security.
Be sure to use these simple tips before entering any banking data, including debit or credit card information. Of course, there are many more things to beware of, but these words to the wise should be the most important to follow. If something looks too good to be true, it probably is.