What is cyber-crime and why do I need to be aware of it?

As you grow from being a child to an adult, you learn that somethings in life are private and often this is to keep you safe. For example, you wouldn’t share the combination for your bike lock to a stranger walking down the street and you wouldn’t broadcast how much money you have in your bank account.

Another thing we learn as humans is that sometimes, things are too good to be true. Often, the thing turns out to be a disappointment or negative to what was initially on offer.


We are told that if you open the door to someone cold calling at your door, that there is a good chance they are not who they say they are and that you need to check certain elements to obtain who they are.


This is a similar principle for suspicious phone calls, messages and emails which are often phishing emails.


We now live in a world where computers, smartphones and tablets are used all day, every day. Businesses rely on technology and the internet to trade and complete everyday tasks from printing paperwork to running the logistics of a warehouse. With the increased use of technology and the internet, comes a heightened risk of businesses being targeted by cyber criminals.


The good news, however, is that there are some basic things you can do to keep yourself, your business and your employees safe. To avoid becoming a victim of online crime you don’t need to be a computer expert. Developing a few good online habits drastically reduces your chances of becoming a victim of cyber crime, makes you less vulnerable and lets you use the web safely.


You would have a fire procedure in your physical work premises and the same logic should be applied to your digital work environment. Here are a few of the steps you can take:

  • Using secure unique passwords are essential to stop unauthorised people entering your accounts. Other security measures are enabling your computer's firewall, installing anti-virus and updating your software.

  • Comparable to having building and content insurance and installing smoke alarms, backing up your data ensures you can't lose everything if you are hacked or ransomed.

  • Akin to being suspicious of strange and unusual callers, and double-checking people's ID, be suspicious and on high alert for strange seeming emails and other messages. Never click on a link that is sent to you unless you are expecting it and are sure it is reputable.

  • Just as you would stay away from unlit and unfamiliar areas when you are walking home, be cautious about the websites you visit and the origin of the software that you install.


What is cyber-crime?

Cyber crime is an ‘umbrella’ term for many different types of crime which take place online or where technology is a means and/or target for the attack.


Cyber crime is often broken into three categories of cyber dependent crimes, cyber enabled crimes and the use of the internet.

  • Cyber Dependent Crimes, where a digital system is the target as well as the means of attack. These include attacks on computer systems to disrupt IT infrastructure, and stealing data over a network using malware. The purpose of the data theft is usually to commit further crime.

  • Cyber Enabled Crimes, ‘existing’ crimes that have been transformed in scale or form by their use of the internet. The growth of the internet has allowed these crimes to be carried out on an industrial scale.

  • The use of the internet to facilitate drug dealing, people smuggling and many other 'traditional' crime types.

Why do cyber criminals commit cyber-crimes?

Due to the monetary value of the information that is available for cyber criminals to steal, cyber crime is a very appealing market for cyber criminals.


Personal information including details such as your name, address, date of birth, payment card and bank details and username and password can be used to set up accounts in your name, commit crimes and financial fraud in your name and run up thousands of pounds in charges that you are responsible for.

Just like a regular scammer, cybercriminals can send very sneaky and convincing emails to people pretending to be their bank, HMRC, PayPal or their boss. They can send out emails from your email account pretending to be you! Within the email is a link that once clicked, could download malware to steal, destroy or lock up the computer's data.


It is also common for these 'phishing' emails to try to take you to a phoney website or call centre, where you will be asked to enter your personal information in a fake authentication process. This is how criminals steal your details. Be alert to these scams and delete suspicious emails and hang up on suspicious phone calls.


So, what can I do to help my business being a victim of cyber-crime?

Businesses of all sizes are at particular risk of cyber-crime and would benefit from working towards Cyber Essentials which is a Government approved scheme.

Sometimes, businesses are unsure about where to start to prepare for Cyber Essentials.


The Cyber Essentials readiness tool is a series of questions that have been developed to lead you through the main parts of the Cyber Essentials requirements.


If there are areas where you need to put more controls in place, you will get a link to guidance about how to make those changes. At the end of this process, you will get a list of actions outlining what steps you need to take to prepare for Cyber Essentials and links to specific guidance on those actions.


This readiness tool is the step that comes before taking the Cyber Essentials self-assessment. It will start you on your journey towards becoming Cyber Essentials certified.

By implementing just five core controls that protect against most cyber-attacks, businesses can ensure they are on the right track as well as demonstrating to their customers and suppliers that they are serious about cybersecurity.


When it comes to cyber criminals, there’s nothing small about small businesses. If you’re open for business online, you could be open to cyber attacks. Let us help your business stay ahead of cyber criminals via our FREE core membership.

The contents of this website are provided for general information only and are not intended to replace specific professional advice relevant to your situation. The intention of The Cyber Resilience Centre for the West Midlands is to encourage cyber resilience by raising issues and disseminating information on the experiences and initiatives of others.  Articles on the website cannot by their nature be comprehensive and may not reflect most recent legislation, practice, or application to your circumstances. The Cyber Resilience Centre for the West Midlands provides affordable services and Trusted Partners if you need specific support. For specific questions please contact us.

 

The Cyber Resilience Centre for the West Midlands does not accept any responsibility for any loss which may arise from reliance on information or materials published on this document. The Cyber Resilience Centre for the West Midlands is not responsible for the content of external internet sites that link to this site or which are linked from it.