The rise of cybercrime since lockdown began

The Financial Stability Board (which coordinates financial rules for G20 nations) has said that remote working from home has fuelled a rise in cybercrime activities. Incidences of scams such as phishing, ransomware and malware grew from 5,000 per week in February 2020, to more than 200,000 per week by April 2021.

In their report to the G20, the FSB stated: ‘Most cyber frameworks did not envisage a scenario of near-universal remote working and the exploitation of such a situation by cyber threat actors.’ Although the report focused on financial institutions, its recommendations could apply to most businesses when it said that they ‘may need to consider adjustments to cyber risk management processes, cyber incident reporting, response and recovery activities, as well as management of critical third-party service providers, for example cloud services.’

Moving to work-from-home models means that businesses and the self-employed have had to rely increasingly on third third-party services to manage remote-working logistics, while they have also had to rely on home Wi-Fi with, often, weaker security than they are used to. It’s created many loopholes for cybercriminals to exploit.

Surely contractors aren’t targets of cybercrime…

While we tend to think of cybercrime as targeting mostly big businesses or pensioners, smaller businesses are not immune, as reported on The Fintech Times in their report on data presented by the Atlas VPN team who looked at the most common cyber-attacks across Europe last year. They reported that:

• 41% of European SMEs experienced a phishing scam;
• 40% were hit by a web-based attack;
• 39% were the victim of malware;
• 19% were stung by ‘malicious insiders’ – where someone abuses legitimate credentials;
• 12% were struck by denial of service attacks.

It’s important to remember that these figures relate to small and medium enterprises, not huge multinational conglomerates. This is exactly the category your limited company fits into and they’re big numbers. Add to this the research by Citizens Advice which shows more than 36 million adults (that’s two-thirds of adults in the UK) were targeted by scammers in the first half of 2021, and it’s apparent that contractors are just as at risk of falling victim to a phishing scam or another type of cybercrime as any other type of small business.

This can be demonstrated by looking at a very common phishing scam that has boomed in the last year. That is the well-known HMRC-branded phishing scam, which is up a massive 87% in the last year. Most contractors will no doubt recognise this one. You get an email or text, apparently from HMRC, letting you know you’ve paid too much tax and have a big rebate waiting for you. It can be tempting for contractors to click on these.

After all, when you’re self-employed, you have a lot of contact with HMRC so these messages can seem legitimate. and, with the financial hardship the pandemic has brought to many, some contractors may experience wishful thinking, that they could in fact be owed thousands of pounds by the tax man – no doubt the exact feelings scammers have been preying upon. It’s all too easy to fall for, but doing so could risk not only your data, but your clients’ as well.

Contractors need to be vigilant

As a contractor, you have a duty of care not only to yourself but also to your clients when it comes to protecting data. For this reason, you need to remain vigilant to ensure you don’t fall victim to cybercrime. You might not have anything of your own that could be compromised, but you could well have sensitive data belonging to your client, or even backdoor access to their network that scammers could want to gain access to.

What kind of day-to-day things can you do to keep cybercriminals at bay? We’ve gone into full details in this feature, but for starters, contractors should:

• Keep an eye out for typos that would suggest a message isn’t official;
• Ask themselves whether or not the message is expected;
• Check if the contact details seem genuine or if they’re from a personal email address or mobile number;
• Avoid clicking on attachments or links that are from unknown people or are unexpected;
• Never trust cold calls;
• Get cyber cover.

These are all really easy things that you don’t need to be a cyber security expert to do. And the last one? Well, Kingsbridge can help you make that one even easier.

Why should contractors get cyber liability insurance?

Cyber liability insurance from Kingsbridge not only covers you against the financial cost of a cyber-attack, but it also gives you peace of mind that, should things go wrong, you have a team of professionals on hand to help you. Our policy gives you:

• Up to £20,000 of business interruption costs;
• Up to £100,000 of system and data rectification costs;
• Up to £25,000 of regulatory defence and penalties;
• Up to £25,000 of cyber extortion and ransom costs.

In addition to all of this, policyholders also have access to ReSecure, a dedicated 24-hour helpline and specialist cyber incident recovery service. In the event of an attack, you can call them and they will help you to discover the cause of the breach, assist in the recovery of lost data, and help restore your systems back to full working order.

While it pays to be vigilant, new scams are being created by cybercriminals all of the time, so cyber cover is your backup should something slip by you. To find out more or to purchase a policy, you can call our specialist team on 01242 808740 and they’d be happy to help.