In its simplest form ‘cybercrime’ typically refers to any criminal activity in which computers or computer networks are the origin, tool, object or place of the crime. The sheer complexity of the underlying networked technology often makes these crimes fiendishly difficult to tackle. Attackers can strike unseen, whether their victims are thousands of miles away or just round the corner.
Even simple precautions can help to prevent a cybercriminal from taking advantage of your computer and systems. As a minimum, operating systems and critical applications – that means web browsers, anti-virus software and firewalls, to name just a few – should be kept patched and up to date.
Tips for protection
- Keep operating systems and security software (such as anti-virus and anti-spyware) on your computers, tablets and mobile phones up to date – regardless of make or model. Set software to update automatically.
- Download and use free security software offered by your bank (such as Trusteer Rapport).
- Use different passwords for different accounts (both online and offline). These should be strong passwords which use a combination of letters, numbers and other characters.
- Regularly back up your electronic files so that if anything does go wrong you will not lose everything stored on your devices.
- Never respond to unsolicited emails asking you to update your personal, business and/or account information, or open any zip files attached to them. Delete them.
- Check that you are using a secure website when entering personal or payment information online. The address should begin with ‘https’ (not ‘http’) and the padlock symbol should appear in the address bar or the bottom right-hand corner of your browser.
- Limit the amount of personal information you post online. This information can be easily collected and used by fraudsters.
- Permanently delete all your data from unwanted computers, tablets, mobile phones, memory sticks and other electronic devices before you get rid of them. You will need to use specialist software to do this properly.
- Visit Get Safe Online for more free security advice.
Additional tips for organisations
- Write an IT security plan for your business. Don’t neglect physical security for systems and data.
- Write staff policies to cover the use of the internet (including private use), email systems (including webmail), passwords, laptops and portable devices, personal software, sharing and downloading copyright material, and details of monitoring procedures. Explain what happens when these rules are breached.
- Don’t allow staff to share log-in details.
- Require dual authorisation for payments. Apply payment limits, and regularly review user roles and privileges.
- Use secure encryption to protect information travelling over the public internet. Strictly control and review remote access to the corporate network.
- Train all staff in the principles and best practice of IT and data security. Make it part of induction and underscore personal responsibilities.
If you allow staff to connect to your corporate network using their personally-owned electronic devices, read our factsheet on bring your own device (BYOD) policies to understand the security issues.
Read our factsheet on e-commerce risks to online retailers for more information on card-not-present fraud.
A free e-learning course on cyber security for legal and accountancy professionals is available from our resource centre.