Whether you are in Europe or the Americas, January to April is the small to medium sized business person’s most sensitive “money window” when payments and transactions to taxes and revenue agencies are at their highest. This is a time for extreme caution when it comes to online banking as fraudulent email phishing scams and malware designed to compromise personal and financial data abound.
As this is an especially sensitive time period from an IT security perspective, companies will want to research the issues at hand and ensure that they keep their business and financial data safe and secure.
Unfortunately, due to a quick of language, Internet searches relating to “security and finance” will mostly throw up results pointing small to medium sized business (SMB) owners towards commercial services aligned to help them “secure their finances” — and not therefore to information dedicated to “keeping their finances secure”; so the sensitivity of this subject is compounded further.
Where should we turn for SMB finance-related IT advice?
The world of business finance has developed a multiplicity of “advice channels”, almost none of which come without a price. Government services are therefore of particular interest here; almost always impartially presented and generally free of charge, it is worth looking up the public sector advice channels available to your business so that you can become conversant with the tax and revenue offices’ preferred means of a) communication b) payment process and c) even complaints should you need to make them.
Keep moving logically onward from this point and turn to your bank. Look up your bank’s existing online resources detailing transaction security and investigate what other services they might have on offer. UK banks for example often offer a “fraud text alert SMS” service to keep you up to date with emerging scams right to the palm of your hand on your smartphone.
Given the prevalence of phishing scams that target both consumers and businesses alike, it should be no surprise to see ‘accounting-related’ phishing swindles raising their head to a more significant degree during the end of year accounts period. Personal ‘home use’ credit-card readers are an important additional separation layer for authentication and safety here – these units are designed for home (or at least out of bank) use to generate unique random numbers for additional log in safety.
NOTE: Credit-card readers are of special importance if for example a business is setting up new tax (or other financial) payments online to a “new” payee.
Obvious signs, the usual suspects
As obvious as some of these notes may seem, the type of phishing swindle that often raises its head close to online banking transactions can at first appear relatively innocuous. Given that we are now inside the “money window”, it won’t do us any harm to mention some of the more self-evident no go areas again. Here are some common fraudulent messages designed to appear as though they might come from your bank or some other financial institution:
- A secure message is waiting for you, click here to read.
- Your account will be closed within 48 hours if you do not respond.
- Please reset your online banking password.
- Click the link below to gain access to your account.
- ‘Dear valued customer’ –
On that last bullet point i.e. “dear valued customer”, please remember that your bank knows your name and so this is almost certainly a generic opening line sent out from some malware and/or cyber-crime related source intent on hacking your business finances.
Of course these common sense and technology-related layers of financial IT safety should sit underneath the umbrella protection offered by a robust anti-virus suite such as AVG Internet Security Business Edition 2012. As important as our core business product is here, some good judgment and best practice is needed too. Please keep your “money window” clean and clear and stay safe online.