ID fraud now accounts for 41% of all fraud in the UK.
Cifas, the United Kingdom’s fraud prevention service, recently reported the results from a study of reported instances of fraud in 2014. The other key findings were as follows:
"The frauds we are recording point to increasingly sophisticated, predatory and organised criminals. This is crime at an industrial scale," said Simon Dukes, Cifas chief executive.
City of London Police Commander, Steve Head, who is the ACPO lead for Identity Crime, added:
“The percentage rise in fraud recorded by Cifas is very much in line with what we are seeing for Action Fraud for 2014/15. The reason for this is likely to be two-fold – fraud and cyber fraud are continuing to increase and individuals and businesses are becoming more aware of both the opportunity and the need for them to report to the relevant authorities when they have fallen victim to a scam.
ID Fraud is a threat to you, your company, and your customers.
In light of the persistent threat of ID fraud, here are the top 10 tips for protecting your company:
1. Take online security seriously NOW!
It doesn't matter what type of approach you take, how much money you invest, how many training courses you plan – if YOU don’t make online security a priority in YOUR organisation then you cannot expect to keep on top on the persistent threat of ID fraud that will affect you, your company, and your customers.
2. Education, Education, Education
The question that all business leaders must be asked remains the same: How can you expect employees to engage in basic compliance practices if you are not creating a culture within your company that puts compliance at the forefront of every activity? The key to doing this is educating your employees. Educated employees, led by engaged leaders who also understand and believe in the necessity of compliance, are motivated to follow their company’s compliance procedures. It’s that simple. Having a training program incorporated into everyday working life aids companies in three key areas: it creates a healthy compliance culture that the best employees will want to work in; it ensures companies keep on the right side of the regulators; and it attracts more business as customers can be sure that the protection of their personal information is the company’s highest priority.
3. Manage your data
The most valuable asset in your company is your data. And so data is what cybercriminals want. Bad. Investing time, money, and attention into Data Protection Management (DPM), therefore, is crucial. Cifas’ study found that companies didn't always know at what point their customers’ identities had been compromised. Yet this information would be vital in focusing prevention efforts. Having an automated system in place to manage data would ensure that all tasks run on schedule, all compliance activities are followed, and all data is safeguarded.
4. Plan for data breaches
There are two types of businesses in the world: ones that have suffered a data breach and ones that will. So you need to plan for it. Introducing and nurturing a compliance culture in your company is key. The costs of a data breach, not only in terms of money but also in terms of trust and reputation, are huge. When dealing with fraud the secret is to be proactive rather than reactive. Start planning now.
5. Minimise the potential for insider mistakes
We’re all human. And sometimes it is simple human error that leads to a security breach and ID fraud. Taking certain steps can reduce the chance of human error causing a data leak. Investing in a Compliance Management Software suite that regulates everyday employee performance encourages employees to become compliance aware and allows you to plan and schedule audits to assess the performance of any employee at any time. Instances of non-conformance can be tracked and recommendations for improvement offered.
6. Change your password more than you change your pants.
7. Don’t click that link!
Spear phishing is the most common tactic used by cybergangs involved in ID fraud. And it is incredibly simple. It relies on two things: the fact that we are all human; and the fact that we find it hard to resist clicking on blue text in emails! But we must be strong as the consequences are serious. Spear-phising emails trick employees into opening emails that infect company computers with malware. With cyber criminals sending 156 million phishing emails everyday, the end result is daily incidents of stolen identities, financial loss, credit card fraud and other Internet scams.
8. Keep professional and private separate
This sounds like the oldest piece of advice in the book and that’s because it is. The fact that it still needs to be said, however, shows that it is still something that people fail to do. By using your personal email for work matters, or using your work email for personal things (like buying stuff online!), you put both you and your company at risk. Moreover when at work only access your work account. It’s likely your employer can monitor your online activities at any time. Just keep your professional self and private self separate. It just makes everything easier. This article, using Hilary Clinton as a timely example, sums it up nicely.
9. Preventative self-policing
Really all these tips come down to the idea of preventative self-policing. As I wrote in a previous blog , both individuals and businesses need to recognize the everyday threat of cybercrime and accept the responsibility of protecting themselves against this constant threat. Being compliance aware is the responsibility of everyone at every level of an organization. Incorporate that mindset into your company, nurture it, and soon you will have a team that will become the first line of defence against data breaches and ID fraud.
10. Invest in first-class security software
Making an investment in a software suite that automates security procedures is a sure-fire way to protect you, your company, and your customers. In the long run it’ll reduce costs, save time, and uphold the image of your company as a reliable, responsible, and forward-thinking organization that recognises the true value of data. Customers and collaborators just want to work with someone they know they can trust.