/home-page /about-us /our-work /work-with-us /contact /blog /terms-and-conditions /privacy-policy /cookies /what-we-do

COVID-19: Cybersecurity advice

By Richard Jennis 24th April 2020

With many people having to work at home during lockdown and businesses trying to secure grants to survive the next few months, unfortunately a lot of professional hackers are taking advantage of what is already a worrying time. As a result, the world of online hacking and scams has seen a surge, with many criminals targeting enterprises of all sizes.

According to the Department for Digital, Culture, Media and Sports, almost half of UK businesses in the past 12 months have suffered a cyber-attack or security breach. WatchGuard also reported that in the last quarter of 2019 alone, two-thirds of businesses fell victim to evasive malware such as viruses and spyware etc.

Furthermore, according to insurance, risk management and consulting services company, Gallagher, 60% of UK cyber-attacks are due to human error and 39% of those breaches are related to evasive malware where an employee clicks on a fraudulent link.

There have been multiple phishing scams targeting companies, including the likes of a ‘Covid-19 tax refund’ email which appears to have been sent from HM Revenue and Customs, asking people to “access your funds now”. Not only can these types of cyber-attacks have a detrimental effect on the business financially, ones which impact customers can also ruin a brand’s reputation.

While phishing scams tend to target bank accounts, attacks such as data breaches have a tendency to target sensitive information such as email addresses. This loss of data could result in a declining customer base as people start to lose confidence in the company. If a data breach has occurred, it could also lead to costly fines under GDPR rules.

Tighten up your security

First and foremost, if you receive a suspicious-looking email, delete it. It is also best practice to inform the team and your IT department of the incident to ensure that everyone is wary of a potential scam or cyberattack.

To safeguard your staff and customer details whilst protecting the business’s reputation, we’d advise that you take the following steps:

  • Ensure that the business has put a firewall in place for its internet connection
  • Confirm that the Wi-Fi network is secure
  • Make sure all computers used within the organisation have the most up-to-date antispyware and antivirus software installed
  • Create and store back-ups of important data securely
  • Regularly change passwords used throughout the company and make sure that they do not follow any sort of pattern (1, 2, 3, 4; 2020; name of the company, etc.)
  • Ensure only a few and relevant team members have access to certain materials and have the authority to install certain software.
  • Create an individual user account for every employee
  • Confirm that the back-end of your website has the latest and most up-to-date plugins and extensions available.

These are all relatively quick and cost-effective fixes that businesses should have in place or should be putting in place in order to protect themselves from fraudsters. However, these are also short-term measures.

Whilst using open-source platforms such as WordPress, Wix, and Joomla are fantastic when you want to build an online presence efficiently and economically, they are also very common, and most hackers have the ability to manipulate the code to their advantage.

The most effective way to prevent cybersecurity issues is to remain vigilant to scam campaigns and invest in tailored programmes unknown to hackers. Using a bespoke content management system (CMS) such as Doddle makes a website an unattractive target to hackers because it uses a unique code that isn’t readily available to download and explore.

What sets Doddle apart from the rest is that it is 100% customised for each business. It has been developed using the same tools that power these renowned open-source platforms, but Doddle’s intuitive design puts the business in the driving seat.

The majority of websites have been hacked somewhere, somehow, and it can be extremely difficult to source where the hack took place and to isolate it. With Doddle, businesses don’t need to rely on plugin and extension third party developers, nor have to wait hours, days, even weeks on end, to fix the issue.

If you are worried about your business’s website security or would like to know more about Doddle why not get in touch with us today? You can contact us via email at [email protected] or by telephone on 0844 736 2747.