This featured blog was provided by BMO.
Cybercrime and fraud are among the biggest threats faced by businesses today. The latest figures, provided by the Canadian Anti-Fraud Centre, show that as of May 31, 2022, more than 37,000 reports of fraud were made in Canada so far this year, involving over 23,000 victims and more than $207 million in losses.
Threat actors can now access powerful networks, technology, and even financial resources to target hundreds if not thousands of organizations simultaneously. The incentive for business leaders to implement the best cyber practices is considerable. Here are a few tips to help ensure your business is on the right path to protection:
- Enable efficient patching for all critical systems
- Roll out scaled multi-factor authentication
- Implement robust identity access management programs that are regulatory compliant, audited, and evolve to meet the security needs of your organization
- Ensure plans are in place for alternate communication technologies in the event normal communication pathways become unavailable or disrupted
- Communicate the importance of using work technology for business purposes only
- Educate your employees on common social engineering ploys and methods used in cyber and fraud attacks
- Implement people practices that mitigate risk, such as separation of duties, assignment rotation and mandatory vacation
- Integrate and enhance fraud and cyber analytics to detect fraudulent transactions more efficiently
- Adjust and test cyber and fraud incident response and plan for the worst-case scenario with playbooks and handbooks
- Collaborate with vendors, contractors and supply chains to ensure their security
It’s also critical to be mindful of your own security practices when using your personal devices. You could put your business at risk – simply by sharing too much information on social media. Here are six ways to avoid falling victim.
- Avoid giving out personal information and limit what you post on social media: Don’t give out any information you don’t need to, especially non-publicly available information such as social insurance numbers and account numbers. The information you provide could be used in spear-phishing lures or Business Email Compromise attacks.
- Slow down and review emails or URLs carefully: Avoid any ‘urgent’ requests and be mindful of responding too quickly. Emails and websites can look like they are from trusted companies, but if you review the email and URL carefully, you’ll notice a small difference like one extra letter, a period, or a .net instead of .com
- Say no to unsolicited calls or emails: If you’re unfamiliar with the caller or sender, proceed with caution or avoid altogether
- Be wary of anyone requesting gift cards, money orders, cheques or wires: Independently verify if the request seems out of ordinary
- Sign up for alerts with your bank and keep your contact information up to date: Ensure your contact information is always current. That way your bank can contact you immediately if they detect unusual activity on your account
- Choose passwords that are unique and complex: Avoid common passwords like “123456” or passwords that include obvious personal info. Your password should be at least 8 characters long and combine upper and lowercase letters and special characters (numbers and symbols)
How BMO Keeps Its Customers Safe
Customer security is a priority at BMO. In 2019, the bank launched the Financial Crimes Unit (FCU) – a security operations team that’s the first of its kind in Canada. The FCU combines world-class expertise from its cyber security, fraud, physical security, and crisis management teams to detect, prevent, respond to and recover from security threats.
Learn more about the team’s unique attributes, and access more tools to keep your organization and family protected at BMO.com/SecurityCentre.