Modern accounting runs on dozens of e-mails and pieces of customer information every day, all of which must be well protected. Accountants make many transfers daily, on fixed deadlines. Working under time pressure, they can easily let their guard down: open a forged e-mail, send money to the wrong account number or download a malicious document. And the risk of attack keeps growing: as many as one in five companies noted such a trend in 2019, according to the KPMG report “Cyber Security Barometer 2020”.
The EU also fights this wave of threats by organizing events such as the European Cybersecurity Month (ECSM). Its aim is to promote cybersecurity and raise awareness of the dangers lurking on the Internet. The ECSM slogan “Cyber security is our shared responsibility” makes clear that in many organizations every employee matters in maintaining and following procedures.
- We take part in the European Cyber Security Month because education in this area is extremely important. With remote work now common, also in accounting, this year’s motto of the event, “Think before you click”, has gained even more importance.
Which social engineering techniques are accountants most exposed to? Below are some of the most common ones they encounter during their daily duties:
Social engineering in accounting
Accountants are most exposed to a method of manipulation called social engineering. Cybercriminals favour it because it exploits not only their own interpersonal skills but also human error and our trust in people and institutions we know well. The elaborate fraud schemes are built on human reflexes and habits; the victim’s behaviour is steered by carefully crafted e-mail, voice and SMS messages.
Phishing involves creating fake websites and sending e-mails and SMS messages to steal important information. The messages may look completely harmless: a reminder of an upcoming update or a request to confirm some data. They usually inspire trust and closely imitate messages from known, credible organizations. It is worth remembering that such messages are sent not to one person but to many at once.
Spear phishing, or targeted phishing. This variant is more dangerous than classic phishing because the target is a specific person in a specific position, e.g. the chief accountant. Before attacking, cybercriminals gather information about the victim so that the message appears as credible as possible. Such e-mails may contain, for example, an invoice for participation in a conference that has not yet taken place.
Malware and ransomware. Malicious software can be installed on accountants’ computers and mobile devices through inattention or ignorance (opening a forged e-mail, downloading an infected file), giving cybercriminals access to important data. Increasingly, attackers also resort to extortion: they encrypt invoices and other data, blocking access to them, and demand a ransom to restore it.
Vishing, i.e. obtaining confidential information over the phone. Criminals extract information by phone while impersonating someone else. More sophisticated scammers also use voice changers to hide their identity, altering their voice or even its apparent gender.
Security at home, i.e. while working remotely, must not be forgotten either. Vigilance is especially important now, because remote employees cannot verify a received e-mail as quickly as they could in the office by asking a colleague, while an unusual order or instruction acted upon can cost the company a lot. It is worth checking the sender’s address and considering how often we actually receive e-mails from that person. If in doubt, verify the message’s authenticity with colleagues and superiors through a separate channel (a phone call, not a reply to the e-mail), and warn others about the attempted fraud.
How can accountants prevent attacks?
The accounting profession requires special attention to security and knowledge of procedures. Accountants make more transfers and process far more information than most employees, so they will always be a more attractive target for cyber-scams. Keeping their knowledge of the subject up to date lets them defend themselves more effectively.
- Among the basic principles of protection, verifying the sender’s identity definitely stands out. E-mails may also demand an urgent response, so if in doubt it is best to contact the person concerned by phone. Let’s also avoid clicking suspicious links in e-mails or text messages, and pay attention to whom we let into the company building – explains Krzysztof Wojtas.
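The sender checks recommended above (look at the actual address, not just the name; ask whether you normally get mail from this person; treat urgency plus a payment request as a red flag) can be turned into a small screening script. The following is an added example, not code from the article or from any of the companies quoted in it; the address book, the trusted domains and the three sample messages are constructed for illustration, and the heuristics complement rather than replace the SPF/DKIM/DMARC checks done by the mail server.

```python
"""Sender-verification checks for incoming e-mail (added example)."""
import difflib
from email import message_from_string
from email.utils import parseaddr

# Constructed address book: people the office normally receives mail from.
KNOWN_CONTACTS = {
    "anna.nowak@example-client.com": "Anna Nowak",
    "boss@example-office.pl": "Jan Kowalski",
}
TRUSTED_DOMAINS = {addr.split("@", 1)[1] for addr in KNOWN_CONTACTS}

URGENCY_WORDS = ("urgent", "immediately", "today", "asap")
PAYMENT_WORDS = ("transfer", "invoice", "payment", "account")


def _normalise(domain: str) -> str:
    """Fold the character substitutions typically used in look-alike domains."""
    d = domain.lower()
    for bad, good in (("rn", "m"), ("vv", "w"), ("0", "o"), ("1", "l"), ("-", "")):
        d = d.replace(bad, good)
    return d


def lookalike_of(domain: str):
    """Return the trusted domain that `domain` imitates, or None."""
    if domain in TRUSTED_DOMAINS:
        return None
    for trusted in sorted(TRUSTED_DOMAINS):
        if _normalise(domain) == _normalise(trusted):
            return trusted
        if difflib.SequenceMatcher(None, domain, trusted).ratio() >= 0.85:
            return trusted
    return None


def check_message(raw: str):
    """Return a list of (code, detail) findings for one RFC 822 message."""
    msg = message_from_string(raw)
    name, addr = parseaddr(msg.get("From", ""))
    addr = addr.lower()
    domain = addr.rpartition("@")[2]
    findings = []

    # 1. A known contact's display name on an address we do not know.
    if name and addr not in KNOWN_CONTACTS:
        for known_addr, known_name in KNOWN_CONTACTS.items():
            if known_name.lower() == name.lower():
                findings.append(("DISPLAY_NAME",
                                 f"'{name}' normally writes from {known_addr}, not {addr}"))

    # 2. A domain that merely resembles one we trust.
    imitated = lookalike_of(domain)
    if imitated:
        findings.append(("LOOKALIKE_DOMAIN", f"{domain} imitates {imitated}"))

    # 3. Replies silently redirected to a different mailbox.
    _, reply_to = parseaddr(msg.get("Reply-To", ""))
    if reply_to and reply_to.lower() != addr:
        findings.append(("REPLY_TO", f"replies go to {reply_to}, not {addr}"))

    # 4. We have never received mail from this address before.
    if addr not in KNOWN_CONTACTS:
        findings.append(("FIRST_SENDER", f"no previous mail from {addr}; confirm by phone"))

    # 5. Time pressure combined with a request touching money.
    subject = msg.get("Subject", "").lower()
    if any(w in subject for w in URGENCY_WORDS) and any(w in subject for w in PAYMENT_WORDS):
        findings.append(("URGENT_PAYMENT", f"subject pushes for a quick payment: {subject!r}"))

    return findings


# Constructed sample messages.
LEGIT = """From: Anna Nowak <anna.nowak@example-client.com>
Subject: Invoice 2020/11

Please find this month's invoice attached.
"""

SPOOFED_BOSS = """From: "Jan Kowalski" <j.kowalski@examp1e-office.pl>
Reply-To: payments@mailbox.example
Subject: URGENT: transfer due today

Please pay the attached invoice today, I am in a meeting.
"""

FREEMAIL_IMPERSONATION = """From: Anna Nowak <anna.nowak.accounting@freemail.example>
Subject: Updated bank account for invoices

We changed banks, please use the new account number from now on.
"""

if __name__ == "__main__":
    for label, raw in (("legit", LEGIT), ("spoofed boss", SPOOFED_BOSS),
                       ("freemail", FREEMAIL_IMPERSONATION)):
        print(label, check_message(raw))
```

The legitimate invoice produces no findings; the spoofed "boss" message trips all five checks (name of a known contact on an unknown address, a domain with a digit 1 for the letter l, a Reply-To pointing elsewhere, a never-seen sender, and an urgent transfer request); the free-mail message is caught by the display-name and first-sender checks alone, which is why the "call the person back on a known number" rule matters even when nothing else looks wrong.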
It is worth creating your own security policy for the use of computers, systems and mobile devices. It does not have to be an extensive document written in technical language; what matters is that the instructions are clear and understandable to everyone. It can also provide for backups: if the employees of an accounting office make them, e.g., once a week, and keep at least one copy disconnected from the network so that ransomware cannot reach it, they will still be able to perform their duties after an attack. If building such a policy proves difficult, a good starting point will be the TYPE and recommendations relating to data security.
What other rules can accountants implement to improve security in an accounting office?
- The vast majority of our clients are online users, so we as the service provider are responsible for security. The only thing that remains on the client’s side is to verify that the correct page is opened, i.e. one with an SSL certificate. In the case of local versions, where the entire burden of infrastructure maintenance and security policy lies with the customer, the situation is different. In both cases, however, some common actions that raise the level of protection can be defined: password management, operating system updates, the use of modern antivirus programs and vigilance when using IT systems and e-mail – explains Marcin Kloc, IT Administrator at BrainSHARE IT.
Analysing attack vectors makes it possible to identify the most sensitive elements of the infrastructure and select appropriate protection tools. A very important element of a company’s network infrastructure is the firewall.
- A firewall allows you to filter traffic and admit only what is known to us, in a specific direction, to specific ports and addresses. Firewalls are extended by UTM-class devices, which make more effective network protection possible at higher layers as well. These devices are designed mainly for small and medium-sized companies – adds Marcin Kloc.
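What "only known traffic, in a specific direction, to specific ports and addresses" looks like in practice is a default-deny ruleset. The nftables ruleset below is an added example for a small office gateway running Linux, not a configuration from the article or from BrainSHARE IT; the interface names (lan0, wan0), the office subnet 10.0.20.0/24 and the admin subnet 10.0.10.0/24 are assumptions.

```nftables
# Added example: default-deny gateway ruleset (assumed interfaces and subnets).
flush ruleset

table inet office {
    chain input {
        type filter hook input priority 0; policy drop;
        iif "lo" accept
        ct state established,related accept
        ct state invalid drop
        # management of the gateway itself: SSH from the admin network only
        ip saddr 10.0.10.0/24 tcp dport 22 accept
        icmp type echo-request limit rate 5/second accept
    }

    chain forward {
        type filter hook forward priority 0; policy drop;
        ct state established,related accept
        ct state invalid drop
        # office workstations may reach HTTPS, IMAPS, SMTP submission and DNS on the Internet
        iifname "lan0" oifname "wan0" ip saddr 10.0.20.0/24 tcp dport { 443, 993, 587 } accept
        iifname "lan0" oifname "wan0" ip saddr 10.0.20.0/24 udp dport 53 accept
        # nothing from wan0 towards lan0 is listed, so new inbound connections hit the drop policy
    }

    chain output {
        type filter hook output priority 0; policy accept;
    }
}
```

Load it with `nft -f office.nft` and confirm with `nft list ruleset`. The direction is expressed by the iifname/oifname pair, the ports by the dport sets, and everything not explicitly accepted falls through to `policy drop`. Such a packet filter only sees addresses and ports; the higher-layer inspection mentioned in the quote (looking inside HTTPS or mail content) is what a UTM appliance adds on top.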
It is also worth making sure that the accounting office is set up as a so-called “secure by design” environment. What does it mean? Roughly, that it applies the principle of least privilege: every employee has access only to the data they need to perform their duties. If an attacker breaks into one person’s computer, the damage is limited to what that account could reach, and the rest of the data stays out of reach. Controlling employee access to information also makes it much easier to keep order in exceptional circumstances.
Although we now have modern tools to protect our data, there is no substitute for being aware of the risks and knowing how to defend against them. Manipulation techniques exploit human nature, which is why fraudsters’ attacks so often succeed; the remedy is education and information about the dangers lurking online. Everyone should also report any suspected attack to their superiors, the bank or the police as soon as possible. Only a quick reaction makes effective action possible.