The alarming increase in malware, ransomware and business crippling computer viruses is very heavily covered in press and online. More recently there has been a dramatic increase in ransomware infections of the Zepto variant.
As IT specialists Synergy Technology frequently receive enquiries regarding these threats and offer advice to help prevent the damage that Cyber Attacks subsequently causing business.
The computer viruses are often targeted at Accounts and HR departments, often disguised as payment advice documents, through payroll funtions, receipts or invoices as well as job applications and speculative CV’s.
Often a computer virus can spread simply when someone within the business innocently loads an infected file onto the server, platform, laptop or PC. This happens usually by opening an attached file from an email. The virus then quickly spreads throughout the business data and applications until eventually the entire system needs to be shut down.
In a recent update from Pegasus Opera they have made a critical observation regarding accounting and payroll security:
It was recently brought to our attention that fraudsters have been using Trojan viruses/malware to obtain remote access to personal computers and to record the login and password information used to access accounting/payroll systems and other applications. Pegasus Opera.
In an accounting/payroll system, they then edit existing beneficiary details, changing them to their own bank details, to obtain funds illegally. One of the ways this is done is as follows:
- The fraudster waits for the PC user to do a supplier/salary payment run in their accounting/payroll system to pay legitimate invoices or salaries/wages.
- The fraudster then substitutes the supplier/employee bank account number and sort code that’s been set up for legitimate payments with their own bank details.
- The payment file is created in the accounts package, now using the changed account details for the beneficiaries.
- The user imports the file into their banking software, usually only checking the file total rather than checking the beneficiary account information.
- The user’s banking software then makes the payments using the changed account details, and the money is transferred to the fraudster’s bank account.
Please note: Electronic payments in the UK are made based on sort code and account number only. Any account name given is not routinely checked as part of the automated payment process. This is the same for all UK banks, and it is the responsibility of the remitter to ensure that the account details being used are correct by conducting independent verification
It is our belief that these threats will remain a challenge to businesses and will continue to evolve and find new ways to penetrate security levels in place. That is why it is so critical to adopt processes and procedures to minimise the risk and damage to data should your business become affected.
With this in mind we would like to remind you that no security is 100% perfect against computer viruses and we each have a responsibility to do our part to keep systems secure, this can be achieved by following some simple rules:
- Never connect anything into a computer – unless you know exactly where it came from and what’s on it, if in doubt give it to your IT dept or provider to virus check it first.
- Never open a .zip or .exe attachment – within an email regardless of where it has come from. If you know it’s a valid file transfer it over a network file share or sharing service such as WeTransfer.
- Never open any attachments of any kind – or download images, from emails unless you are completely certain you know the sender of and where expecting to receive. Remember you wouldn’t accept and open a suspicious looking unexpected package at home, for obvious reasons, the same is true online.
- Never enable macros’s in Word or Excel – unless you are confident of the sender of the document.
- Do not pay a ransom – Under no circumstances should you pay a ransom. Contact your IT provider to find out how to restore you data and applications.
- SWITCH OFF YOUR DEVICE – If you suspect anything unusual on your computer, PC, or laptop switch it off immediately and contact your IT team by phone!
For an extensive and detailed explanation about Cyber Security download the Microsoft document: Microsoft Cyber security demystified.
For further information and advice on Cyber Security and how to protect your business contact Synergy Technology.