Seatrade Maritime is part of the Informa Markets Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Cyber-crime – a continuing concern

Photo: ITIC Alistair Mactavish.jpg
Alistair Mactavish, Chief Operating Officer and Underwriting Director, ITIC
We live in a digital age and the current pandemic has reinforced the importance of the internet and its wide-ranging business applications.

The past few months have forced us to change our working habits and place a much greater emphasis on remote working and a heightened reliance on digital solutions, but this has also created opportunities for fraudsters and other cyber-criminals.

Any of us using electronic communication is a potential victim of cyber-crime however following a few simple steps will significantly reduce the chances of becoming a cyber-victim.

At ITIC (International Transport Intermediaries Club), we regularly issue advice to our assureds on how to guard against attack and minimise exposure. Here are a few practical tips to help keep your IT systems and processes robust and safe.

Internet security and fraud awareness

It is vital to ensure that your internet security is up-to-date and correctly configured. This is particularly important in the current situation when many of us are working from home and having to get used to a changed working environment. Use up to date antivirus software which includes a firewall to help protect against any security breaches; and ensure you regularly update your operating system and associated applications.

Educate your staff

Ensure that all your staff are aware of the dangers of clicking unknown links or opening email attachments from senders they do not recognise. Links and attachments are used by fraudsters to install malware onto networks and devices.

The consequences of a simple mouse click could lead to the monitoring and recording of your keystrokes, harvesting your passwords, installation of ransomware or other malicious software.

Running a phishing simulator within your organisation is one way to test staff security awareness. This will send a pseudo-phishing email containing a link, an attachment or a request for sensitive information to understand how staff respond. If the results contain a high number of fails, then more staff training is needed.

Social engineering/bank mandate fraud

One of the most common types of cyber fraud involves bank mandates. This is when a third-party deceives you into sending a payment to a fake account by impersonating the genuine organisation or individual.

To help prevent this type of fraud you should be suspicious of any email requesting you change bank details – or asking you to set up new bank details. One of the simplest ways to avoid being a victim is to simply pick up the phone and call the supplier or client to check that they have actually changed their bank account.

Other practical tips include ensuring all passwords are never shared and keeping your inbox in order by regularly checking spam and junk folders to minimise risk. Our reliance on IT will only continue to grow and it is important to protect yourself and your organisation against the risk of a cyber-attack.