HomeCyber BalkansPayment diversion fraud is a major concern for businesses.

Payment diversion fraud is a major concern for businesses.

Published on

spot_img

Payment diversion fraud (PDF) continues to be a major issue for businesses across the UK, with nearly a quarter (24%) falling victim to this type of cyber attack in 2022, according to the Hiscox Cyber Readiness Report. The report, which surveyed 982 businesses, revealed that this type of fraud is not limited to certain company sizes, but rather targets businesses with weakened IT systems or those that rely on human error.

PDF occurs when cyber criminals pose as trusted suppliers and deceive individuals within the business into making false bank transfers or other payments. The average cost of a claim for customers seeking assistance after a PDF attack in 2022 was £15,484. These claims were most prevalent in May and November, as businesses geared up for the summer and festive seasons, respectively.

Alana Muir, Head of Cyber at Hiscox UK, warned that payment diversion fraud can have grave consequences for businesses, leaving them significantly out of pocket or even bankrupt. She emphasized that most attacks occur due to basic checks that businesses fail to carry out before making a payment, often the result of human error that could have been prevented.

To prevent falling victim to PDF, businesses are advised to take several precautionary steps. First, it is recommended to make a test payment to the payee and ensure they receive the money before transferring a large sum. Additionally, businesses should carefully verify any notifications of change in bank details, as they may be fraudulent. The payee should be contacted on a known and verified telephone number to confirm any changes. Regular training for employees is also crucial to remind them of what to look for when making payments and the necessary steps for due diligence.

In terms of IT security, businesses should regularly change passwords, using complex combinations that are difficult to guess. Multi-Factor Authentication is also recommended to protect accounts such as email from being compromised. Adopting a “four eyes” approach, which involves requiring dual signatories for payments above a certain amount, can provide an extra layer of security. Furthermore, regular checks on IT equipment should be conducted to identify and address any weaknesses in the system.

If there is any doubt about a transaction, businesses are advised not to proceed with the payment. If a scam is suspected, it is essential to contact the bank immediately to prevent further loss. Hiscox has also taken proactive steps to address the issue of cyber attacks by introducing the CyberClear Academy in 2017. This academy has trained almost 36,000 individuals from 7,000 organizations, helping to identify knowledge gaps that could be exploited by cybercriminals. The training, delivered through a combination of videos and interactive materials, equips employees with the necessary skills to mitigate cyber risks.

The findings of the Hiscox Cyber Readiness Report 2023, compiled in collaboration with Forrester Consulting, are based on a survey of 5,005 executives, departmental heads, IT managers, and other key professionals across the USA, UK, Germany, France, Spain, Netherlands, Belgium, and Ireland. The report will be released in September and will provide comprehensive insights into the current state of cyber readiness among businesses.

In conclusion, payment diversion fraud remains a persistent threat to businesses in the UK. It is crucial for companies to prioritize cybersecurity measures and ensure that employees are well-trained and vigilant when it comes to making payments. By implementing best practices and regularly assessing and strengthening their IT systems, businesses can significantly reduce the risk of falling victim to PDF attacks.

Source link

Latest articles

AI Bug-Finding Tools Require Human Validation

The Role of AI in Offensive Security: Balancing Speed with Human Insight In an evolving...

AWS Billing Bug Shows Trillion-Dollar Cost Estimates to Cloud Customers

Amazon Web Services Faces Major Billing Anomaly in Cost Explorer Tool Amazon Web Services (AWS)...

Scammers Exploit FaceTime for Social Engineering Tactics

Apple Warns Users About Social Engineering Scams Targeting FaceTime Apple Inc. has made a significant...

Hackers Compromise IIS Server and Launch Ransomware Attack Within 24 Hours

--- In June 2026, cybersecurity experts uncovered a coordinated and sophisticated cyber intrusion that began...

More like this

AI Bug-Finding Tools Require Human Validation

The Role of AI in Offensive Security: Balancing Speed with Human Insight In an evolving...

AWS Billing Bug Shows Trillion-Dollar Cost Estimates to Cloud Customers

Amazon Web Services Faces Major Billing Anomaly in Cost Explorer Tool Amazon Web Services (AWS)...

Scammers Exploit FaceTime for Social Engineering Tactics

Apple Warns Users About Social Engineering Scams Targeting FaceTime Apple Inc. has made a significant...