SMEs at high risk of attempted fraud in February

Small business owners are at significantly greater risk of attempted fraud in February, according to new data from Worldpay.

The payment processing firm suggest instances of fraud could soar by 80 per cent this month with hackers capitalising on consumer data collected following the busy festive shopping period.

SMEs are far and away the key target for hackers, accounting for 85.7 per cent of UK data breaches during 2011-14.

Almost all breaches of data within this time period occurred online (99.3 per cent), with entertainment, hobby and leisure industries accounting for 23.3 per cent of all card data breaches followed by clothing and footwear stores (16.3 per cent) and jewellery, beauty and gift shops (11.6 per cent).

Tim Lansdale, head of payment security, Worldpay, said: “We see a dip in fraud around Christmas as hackers go on the hunt for information, using the online sales rush to stockpile thousands of customer card details.

“It isn’t until February that they start cashing in on all the data they’ve collected. Other breaches can last much longer; attackers might decide to keep returning to their targets, sometimes for years.”

Firms in the entertainment industry – particularly those with online ticket booking facilities – are prime targets for fraudsters due to the high volume of credit and debit card transactions processed online each day.

The costs of data breaches for small firms can run into tens of thousands of pounds, with the average cost of a standard investigation totalling £11,250 on average, not including the value of lost goods and the damage to their reputation in the eyes of customers.

“Data breaches can be ruinous, so it’s vital small business owners know the risks and take the necessary measures to protect themselves and their customers and employees,” added Lansdale.

“You wouldn’t leave your store unlocked overnight, yet so few businesses are doing enough to protect their online shop fronts and keep hackers at bay.”

Worldpay’s advice to small business owners is to change all default passwords, test firewalls every quarter, securely destroy all card data records that are no longer required and avoid storing three digit numbers (known as CVCs) from the back of debit and credit cards.



Image: frankieleon

Date published 20 Feb 2015 | Last updated 20 Feb 2015