Cyber threat for handicraft businesses increases

Sometimes one does everything right, and yet hackers still strike. This is what happened to a handicraft business from Berlin: In its name, invoices were sent to customers, who paid them immediately. No mistrust arose, because the customers had actually worked with this service provider in the recent past. How can something like this happen? Perseus answers this question and acts, once again, as an expert for the investigative magazine "Täter, Opfer, Polizei".

Cybercrime in handicraft businesses

The threat of attacks from the Internet is growing. The IT forensics and cyber experts at Perseus are noticing this as well. The number of cyber attacks has increased by 67 percent from the second half of 2019 to the first half of 2020. According to an internal analysis of cyber emergencies handled by Perseus' cyber experts, electricians, contractors and tool manufacturers are often among the victims. For Peter Vahrenhorst, Kriminalhauptkommissar of the LKA North Rhine-Westphalia, this is no surprise. In an interview that Perseus conducted with him in connection to its cyber security study, he explained that small and medium-sized companies, in particular, are becoming victims of cybercrime. The reason for this is that these companies often do not have sufficient resources to deal comprehensively with the issues of cyber security and data protection. The main business is in the center of their attention. 

Handicraft businesses do not see cyber risks for themselves

A 2019 study by the Signal Iduna Group has intensively dealt with cyber security in the handicraft sector. Here, 500 digitally connected businesses were surveyed. It shows that the general danger is still clearly underestimated. Three quarters of the companies questioned, state that they do not see any imminent threats to their own company. According to their assumption, they are too small to arouse the interest of hackers. A misconception, as the results of this study show. More and more handicraft businesses are being targeted by cyber criminals. According to the Signal Iduna study, almost every fifth business has already been the victim of an attack. 

The causes are complex: weak passwords, the use of public wifi connections and unsecured communication channels are among the most frequently exploited security gaps. However, e-mail is still considered the greatest source of risk. In more than 80 percent of the cyber attacks on small businesses, it was used as a gateway.

CEO - Fraud as a scam method

As described in the introduction, phishing is one of the most common types of attack - and here in particular the CEO fraud. In a CEO fraud, everyday situations of a professional context are exploited to persuade employees to transfer a larger sum of money or share sensitive data through fake e-mails from their alleged superiors.

The CEO - Fraud is usually based on extensive research. Hackers inform themselves about the company, the employees, the boss as well as the company structures. Often, the attackers choose a specific victim, about whom they obtain additional information. All channels are used for this purpose, such as the company homepage, social media profiles or a direct call to the company.

Then the actual attack takes place. This is done either by compromising an e-mail account or by using a domain that is deceptively similar to the one to be imitated. The previously collected information is now used to carry out the fraud. The communication and writing style of the boss is mimicked, so that no mistrust can arise among the employee. In order to make the process even more realistic, the payment request is preceded by an e-mail exchange in which it is often explained why a manager is temporarily unavailable and thus not available for enquiries by telephone.

As with other phishing attacks, the hacker plays on the victim's emotions by either building up pressure or appealing to the sense of shame that, for example, an invoice was not paid on time. Attackers often use these means for reaching their goal and the employee transfers the desired amount.

How can you protect yourself?

There is no one hundred percent protection, but there are small clues by which a CEO - Fraud can be detected.

  1. You should carefully check the sender's email address and the domain. Small anomalies, such as the absence of a letter, can already indicate that an impostor is at work. It is highly recommended that you configure your e-mail program in a way that not only the display name of the sender is shown, but also the sender's e-mail address, since the sender name is increasingly being falsified by hackers.
  2. In addition, the text of the e-mail should be checked carefully. If it contains an increased number of spelling mistakes, it could be a phishing e-mail.
  3. Communication and writing style can also provide important insights. If the CEO addresses you suddenly with your last name, even though everybody within the company is actually on a first-name basis, this can be an indication that the e-mail is not from the boss.

Nowadays, however, hackers act so professionally that it is almost impossible to distinguish a scam email from a real one. It is therefore advisable to call in another person to assess the incident. If you have the slightest doubt, you should listen to your gut feeling, and investigate further. Maybe try to reach your superior on the phone to confirm the mail you have received. Better be safe than sorry. 

TV-TIP:
Perseus in the TV Magazine  Täter, Opfer, Polizei”

It is no longer just burglary series or violent crimes that are presented in the TV magazine    "Täter, Opfer, Polizei". Hacker attacks and cybercrime are increasingly shifting into focus - as seen in this episode (originally shown on November 29th, 2020 at 7pm). Here, the previously mentiond case of the Berlin handicraft business that got attacked by hackers will be discussed.

 

Any questions?
We are here for you.

Arrange a free consultation with our IT security experts. We look forward to meeting you.

+49 030/95 999 80 80 (Mon - Fri 09:00am - 6:00pm)