Are you sending money to criminals?
The healthcare sector is a prime target for cyber-crime and it is evolving to take ever more complex forms. Here at Lloyd & Whyte we have seen increasingly devious ways to extort funds from their clients.
Social engineering is the single biggest security threat facing your business 1
Social engineering uses a variety of techniques, such as Phishing, Baiting and tailgating to trick individuals into revealing information. They can even mimic internal emails to ‘authorise’ payment of seemingly genuine invoices or fund transfers.
Business Email Compromise (BEC) is a growing form of phishing attack where a cybercriminal impersonates a senior member of staff or even perhaps the practice owner. Today’s cyber-attacks target people, not just technology.
They could even address your finance department, using a legitimate looking account and signature. Using information gathered from a variety of sources, cyber criminals can create very compelling lures, adopting appropriate terminology and personal references they sound very credible.
According to the National Crime Agency (NCA)2, it represents one of the fastest growing, lowest cost, highest return cybercrime operations.
Any business could be attacked!
Here at Lloyd & Whyte we have unfortunately seen many examples where businesses have been infiltrated and cyber criminals have extorted funds, including a client of ours who was a practice owner, working from home. The owner had noticed a substantial amount of funds leaving the practice bank account unexpectedly.
It transpired that a hacker had accessed the practice’s email server sending a legitimate looking email from the practice owner to the accounts team, authorising payment of a large invoice. Unfortunately, it was a fraudulent email from the cybercriminal, but coming from their internal email, it seemed totally legitimate.
They were protected by Cyber Insurance.
Fortunately, they had taken out cyber cover with Lloyd & Whyte, which allowed them to recover not only the original sum paid but also covered costs of the IT consultancy to re-secure their network. A huge relief all round.
The practice owner admitted that “mistakes are all too easy to make without really thinking, which can ultimately cost thousands of pounds. Yet it can all be protected and guarded against with a policy that is very cost effective”.
Specialist cover.
Don’t assume that your practice insurance will protect you fully. An attack could mean large pay-outs, and related costs of getting your systems back on track or covering PR costs to mitigate reputational damage.
Cyber insurance (or cyber liability) is specifically designed to protect you against this ever-growing modern-day risk.
