Connect with us

Business

EMAIL PHISHING: BETTER BE SAFE THAN SORRY

Published

on

EMAIL PHISHING: BETTER BE SAFE THAN SORRY

By Stuart Mills, Technical Director at Invosys

 

As of January 2021, there were 4.66 billion active internet users worldwide.

This figure represents nearly two-thirds of the entire global population. Of this, 92.6% accessed the internet via a mobile device.

In the modern world, most professions require a device with an active internet connection. And as soon as the internet goes down, there’s little else to do than simply wait for the connection to return. Or you could try turning it off and back on again.

However, our reliance on Wi-Fi and connectivity could be to our detriment.

 

AN ADVANCED APPROACH

Devices connected to the internet are susceptible to contracting a virus. While there are many different types of computer viruses, ransomware is arguably the most dangerous.

As the name suggests, ransomware is a type of malware or malicious software designed to block access to certain files or perhaps to the whole computer system, rendering it unusable unless a ransom charge is paid (usually in cryptocurrency). Hackers use advanced ransomware to encrypt systems in this way via a local network, scanning each computer ‘host’ system before identifying a suitable target. In fact, cybercriminals can even access IP ranges reserved for private networks (known as ‘LAN’ systems), such as those beginning with 192.168., 172.16. or 10.

‘Wake-on-LAN’ commands are often sent out to wake computers that are hibernating, sleeping or shut down — the impact of which could be severe if a whole business’ IT infrastructure becomes the victim. Once unleashed, ransomware is notoriously difficult to dominate.

 

THE STATS DON’T LIE

Ransomware attacks have begun to hit stratospheric levels. In the second quarter of 2021, ransomware accounted for 69% of all cyber-attacks involving malware: a 30% jump from the same quarter of 2020. This year alone, THE UK HAS SEEN 14.6 MILLION RANSOMWARE ATTACK ATTEMPTS, with MORE THAN HALF OF UK-BASED ORGANISATIONS FALLING VICTIM.

2021 was undoubtedly the worst-recorded year for ransomware attacks to date. But why have we seen such a marked increase?

The primary reason for such a high volume of these attacks is that businesses are prepared to pay the required ransom to get their data back. Hackers are consistently rewarded on an enormous financial scale for their attacks.

As a result, cybersecurity specialists anticipate that by 2025, cybercrime could cost the world’s economy a mammoth £7.5 trillion a year. Each attack costs UK businesses an average of $840,000. Malware attacks are a serious risk to our hyper-connected world and, much to our dismay, is a threat that’s only getting more potent.

 

VIGILANCE IS KEY

Another easy way for hackers to hijack your computer is via email phishing.

Phishing emails arrive in your inbox with malware either in the attachment or embedded as a link within the body of the email itself. Once the recipient enters their details or opens the attachment, the virus can infect the computer system instantly.

We know what you’re thinking. Surely nobody is that easy to deceive?

Unfortunately, hackers have developed intelligent social engineering techniques to scare recipients into making decisions they typically wouldn’t, such as opening a dodgy-looking attachment or clicking on an unfamiliar link.

 

There are five key signs to look out for when trying to spot phishing emails.

  1. AN UNFAMILIAR TONE OR GREETING

If the email purports to be from a colleague or someone you know, is it written in their usual tone? Have they addressed you in a way they usually wouldn’t?

  1. GRAMMAR AND SPELLING ERRORS

Typos are common in phishing emails. While everyone makes a spelling mistake every now and again, errors could be an initial indicator that something isn’t right.

  1. INCONSISTENCIES IN EMAIL ADDRESSES, LINKS AND DOMAIN NAMES

Often, the address you’ve received the email from is familiar and legitimate. However, most phishing attacks will have a ‘REPLY TO’ address that doesn’t match the sender’s.

  1. THREATS OR A SENSE OF URGENCY

How often are ‘URGENT’ emails not preceded by or followed up with a call? A tell-tale sign that an email is malicious is if it requires you to take immediate and unexpected action.

  1. SUSPICIOUS ATTACHMENTS

Are you expecting a file from the sender? Is the attachment in an unusual format? Always double-check the veracity of an attachment before opening it mindlessly.

We take cybersecurity seriously here at Invosys. If you’re ever unsure if you’ve been the target of a ransomware attack, you can get in touch with your Invosys Account Manager as normal, and we’ll help you take the best course of action. If you see something, say something! 

 

Business

Know Your Business (KYB): Exceeding KYC

Published

on

Victor Fredung, CEO at Shufti Pro

 

Money laundering costs the UK more than £100 billion pounds a year, according to the National Crime Agency, emphasising the need for stringent ID verification of individuals and businesses.

ID verification, however, remains a moving target. The UK’s fraud prevention community CIFAS has warned of surging ID theft. The National Fraud Database increased by 11% in the first six months of 2021, with almost 180,000 instances of fraudulent conduct filed in the first six months of the year. This reflected the aftermath of the 2008 financial crisis, which recorded a 32% increase in identity fraud the following year. CIFAS is warning UK businesses and consumers to expect a continuation of the steep rise in identity fraud for 2021 and 2022 as criminals exploit businesses under pressure.

Businesses can respond with resilient Know Your Customer (KYC) software and protocols. KYC establishes customer identity; understands customers’ activities; qualifies the legitimacy of funding sources; and assesses money laundering risks associated with customers. To date, almost 6,000 financial institutions are using the SWIFT KYC Registry to publish their KYC data and receive data from their correspondent banks.

KYC regulations and procedures are appropriate when the customer or consumer is a named individual.  However, it’s not enough to verify the identity of individuals. It is also important to verify the identity of businesses.  Know Your Business (KYB) tools and regulations are designed for cases where the customer is a business or corporate entity. KYB is particularly important as criminals seek to exploit crypto currencies which can thwart verification techniques, such as anti-money laundering (AML) and KYC.

KYB verifies businesses by obtaining official commercial register data via APIs. By using the registration numbers and jurisdiction code of a business, a digital KYB service can collect confirmable information for the business. This enables corporate organisations to determine if they are dealing with authentic businesses or fake shell companies. KYB services particularly help financial institutions handling the funds of a large customer base and corporate entities.  During this process businesses must improve the customer digital enrolment and authentication experience. End-users resist proving their identity through for example, showing scans of their bank account statements and may abandon service providers whose online enrolment processes increase friction.

Usefully, KYB uses access to automated commercial registers through a data-powered business verification service, expedites due diligence and eliminates errors.  With advances in digital technologies and virtual data sets, KYB compliance and verification tools can mark businesses involved in undercover activities, gathering background data on the company including the registered address, status, company type, ultimate beneficial ownership structures, previous names and trademark registration. A financial summary of the company’s operational accounts is also provided by the authentication service, to help validate its authenticity.

Here, Artificial Intelligence (AI) can come into its own, determining the identity of individuals and the financial risk attached to that person with AML Compliance solutions. AML services can check the involvement of an individual company in any watchlist or financial risk database, at scale. Machine learning algorithms can detect forged documents or disguised ownership structures. Nationality verification and geolocation targeting can determine the true country of origin of international clients and the jurisdiction of the company.

However, adoption of KYB processes has been sluggish: last year research undertaken by kompany indicated only 5% of financial institutions (FIs) have an automated B2B or corporate banking onboarding process, with 75% of FIs still relying on Google searches to identify Ultimate Beneficial Owners (UBOs), annual filings and financial accounts. Financial services organisations also struggle to manage the complexity of KYB, and the siloed approach to managing information within an FI can make KYB adoption more challenging.

A further challenge for KYB compliance lies in accessing beneficial ownership information, especially in jurisdictions that do not require companies to submit relevant documentation. A lack of shareholder information makes it harder to investigate money trails and business authenticity. Timely availability of data, across international borders in the right format, is another hindrance, especially as company structures and management change over time. This is why geography and industry specific vendors will be of value to businesses needing to conduct ID checks. It is also why businesses must find the right vendors who can be a one stop shop to manage their KYB adoption and must prioritise the user-experience for frictionless onboarding and regulatory compliance.

Banks have experienced difficulties with KYC verification for their customer onboarding, transaction authentication, and remote banking services. This why they may find it hard to trust a KYB service provider. However, FIs and businesses face a pressing need to determine the ultimate beneficial ownership structure of the corporations they are dealing with. The need for a credible, cross-border KYB provider has rarely been more pressing, and according to Forrester, Know-your-business IDV will ‘make or break Identity Verification players.

Know-your-business IDV can make critical difference in identity verification.  With the increase in B2B commerce it has become more urgent to verify both individuals and organisations and their representatives.

The cost of not adopting KYB technology is dwarfed by the prospect of data breaches, fraud and reputational damage. For financial institutions, legitimacy and verification of the business is key for growth. The software solutions exist and are ready to be implemented.  he National Fraud Database increased by 11% in the first six months of 2021, with almost 180,000 instances of fraudulent conduct filed in the first six months of the year. This reflected the aftermath of the 2008 financial crisis, which recorded a 32% increase in identity fraud the following year. CIFAS is warning UK businesses and consumers to expect a continuation of the steep rise in identity fraud for 2021 and 2022 as criminals exploit businesses under pressure.

Businesses can respond with resilient Know Your Customer (KYC) software and protocols. KYC establishes customer identity; understands customers’ activities; qualifies the legitimacy of funding sources; and assesses money laundering risks associated with customers. To date, almost 6,000 financial institutions are using the SWIFT KYC Registry to publish their KYC data and receive data from their correspondent banks.

KYC regulations and procedures are appropriate when the customer or consumer is a named individual.  However, it’s not enough to verify the identity of individuals. It is also important to verify the identity of businesses.  Know Your Business (KYB) tools and regulations are designed for cases where the customer is a business or corporate entity. KYB is particularly important as criminals seek to exploit crypto currencies which can thwart verification techniques, such as anti-money laundering (AML) and KYC.

KYB verifies businesses by obtaining official commercial register data via APIs. By using the registration numbers and jurisdiction code of a business, a digital KYB service can collect confirmable information for the business. This enables corporate organisations to determine if they are dealing with authentic businesses or fake shell companies. KYB services particularly help financial institutions handling the funds of a large customer base and corporate entities.  During this process businesses must improve the customer digital enrolment and authentication experience. End-users resist proving their identity through for example, showing scans of their bank account statements and may abandon service providers whose online enrolment processes increase friction.

Usefully, KYB uses access to automated commercial registers through a data-powered business verification service, expedites due diligence and eliminates errors.  With advances in digital technologies and virtual data sets, KYB compliance and verification tools can mark businesses involved in undercover activities, gathering background data on the company including the registered address, status, company type, ultimate beneficial ownership structures, previous names and trademark registration. A financial summary of the company’s operational accounts is also provided by the authentication service, to help validate its authenticity.

Here, Artificial Intelligence (AI) can come into its own, determining the identity of individuals and the financial risk attached to that person with AML Compliance solutions. AML services can check the involvement of an individual company in any watchlist or financial risk database, at scale. Machine learning algorithms can detect forged documents or disguised ownership structures. Nationality verification and geolocation targeting can determine the true country of origin of international clients and the off shore status of a company.

However, adoption of KYB processes has been sluggish: last year research undertaken by kompany indicated only 5% of financial institutions (FIs) have an automated B2B or corporate banking onboarding process, with 75% of FIs still relying on Google searches to identify Ultimate Beneficial Owners (UBOs), annual filings and financial accounts. Financial services organisations also struggle to manage the complexity of KYB, and the siloed approach to managing information within an FI can make KYB adoption more challenging.

A further challenge for KYB compliance lies in accessing beneficial ownership information, especially in jurisdictions that do not require companies to submit relevant documentation. A lack of shareholder information makes it harder to investigate money trails and business authenticity. Timely availability of data, across international borders in the right format, is another hindrance, especially as company structures and management change over time. This is why geography and industry specific vendors will be of value to businesses needing to conduct ID checks. It is also why businesses must find the right vendors who can be a one stop shop to manage their KYB adoption and must prioritise the user-experience for frictionless onboarding and regulatory compliance.

Banks have experienced difficulties with KYC verification for their customer onboarding, transaction authentication, and remote banking services. This why they may find it hard to trust a KYB service provider. However, FIs and businesses face a pressing need to determine the ultimate beneficial ownership structure of the corporations they are dealing with. The need for a credible, cross-border KYB provider has rarely been more pressing, and according to Forrester, Know-your-business IDV will ‘make or break Identity Verification players.

Know-your-business IDV can make critical difference in identity verification.  With the increase in B2B commerce it has become more urgent to verify both individuals and organisations and their representatives.

The cost of not adopting KYB technology is dwarfed by the prospect of data breaches, fraud and reputational damage. For financial institutions, legitimacy and verification of the business is key for growth. The software solutions exist and are ready to be implemented.

Continue Reading

Business

Addressing the ongoing global pilot shortage issue

Published

on

By

By Bhanu Choudhrie, Founder of Alpha Aviation

 

The Covid-19 pandemic brought the aviation industry to a halt, causing vast market disruption and putting the future of many key players at risk. Now, just as airlines were getting back on track, staffing shortages are causing new complications – and part of this issue is a growing pilot recruitment problem.

So, where does the sector go from here and what steps need to be taken to mitigate pilot shortages?

The root of the issue

Even before the pandemic, there was a global shortage of pilots, with people flying more due to a rise in more affordable airlines and falling fuel costs. In fact, the 2020-2029 CAE Pilot Demand Outlook suggested that the global civil aviation industry will require more than 260,000 pilots by the end of the decade.

However, when demand for air travel dropped across the globe, airlines were quick to offer early retirement packages to reduce immediate outgoings. Whilst this approach helped some airlines stay afloat during the slowdown, a wave of early retirements has left them on the back foot.

Bhanu Choudhrie

Now demand is coming back much faster than expected. In the US alone, the Bureau of Labor Statistics is expecting 14,500 openings for commercial and airline pilots each year until 2030, and this imbalance is already having a detrimental impact on the aviation industry. With flights being cancelled, travellers left stranded, and some airports losing service altogether, it is crucial that the larger aviation ecosystem comes together to work out a solution to effectively address this pilot shortage crisis, so that it can once again meet capacity demands.

Re-directing efforts to rebuild pilot pools

With vast swathes of pilots put on furlough during the pandemic – and therefore unable to maintain their license requirements, the damage isn’t just in the ongoing pilot shortage, but also in the decades of experience the industry has lost. In response to this narrative, last month a Senator in the US introduced legislation to raise the mandatory retirement age of commercial airline pilots from 65 to 67 – and the US are not alone in this shift. Last week, Air India announced that it will be raising their retirement age for pilots from 58 to 65. Now we need to see other countries and airlines follow suit to help retain the talent that can help guide and mentor the next generation of cadets.

Moreover, training schools and airlines will need to work together to challenge industry stereotypes and empower more women to pursue a career in the cockpit. Currently, just 5.1 per cent of the world’s commercial pilots are women. This means that for every twenty flights taken, only one of them will be piloted by a woman. Unfortunately, this gender imbalance has become a long-established trend within the aviation industry and, stereotypically, pursuing a career as a pilot has been considered a male occupation, with women type cast to cabin crew instead. Therefore, if we are to make proactive strides towards addressing the current pilot shortfall, finding a way to shift that percentage is essential.

The cost of training to be a pilot is also a key barrier the industry needs to address, and at pace. On average, the cost to train as an air transport pilot can exceed $100,000 – making a career in the cockpit unattainable to many. One way for the industry to help narrow the gap and mitigate what is often seen as a considerable financial risk, is to make bursaries more accessible. There are already a number of programmes in place, to support both aspiring pilots and those who need to maintain their licenses, however, now the industry needs to work on championing and expanding these support systems.

The industry also needs to start to embrace alternative approaches to alleviate this substantial outlay. For example, at Alpha Aviation, we have started running the the Multi-Crew Pilot License (MPL). This is a shorter, more simulator-focused way of training that not only opens up opportunities for prospective cadets from less privileged backgrounds, but also offers a more flexible training programme and quicker route to qualification – reducing the financial expenses for cadets to cover.

Technological innovations can also play a crucial role in advancing the training process to help support a consistent employee base. For example, e-learning programmes can enable airlines to expand cadet class sizes. No longer restricted by the physical capacity of training centres, e-learning programmes have the potential to significantly open up access to becoming an aviator and will ensure airlines can recruit the best talent, irrespective of locality. In addition to this, pilots still need to clock up over 1,500 flying hours to receive their ATP certificate. Therefore, investing in simulator training facilities is now pivotal in supporting cadets to keep on top of the legal requirements and improve their skills set at a significantly quicker pace, alongside supporting existing pilots to retrain on new aircrafts when necessary.

Looking ahead

The pressure on the aviation industry shows no signs of abating any time soon. Therefore, while it is great to see passenger numbers returning to near pre-pandemic levels, the industry needs to take this as a significant wakeup call and re-assess its pilot recruitment process.

At the end of the day, there is no quick fix – training top of their class pilots takes time, investment and enthusiasm. However, addressing the ongoing chaos and driving the sector out of this turbulent period is essential to the economic revival of the nation. Therefore, decisive action is needed – and it is needed now.

Continue Reading

Magazine

Trending

Business3 days ago

Know Your Business (KYB): Exceeding KYC

Victor Fredung, CEO at Shufti Pro   Money laundering costs the UK more than £100 billion pounds a year, according...

Finance1 week ago

Mini-Budget 2022:

Tax giveaway is a boost for business, but will it drive growth or fuel inflation?   Chancellor Kwasi Kwarteng has...

Finance1 week ago

A zero trust environment is critical for financial services

Boris Bialek, Managing Director of Industry Solutions at MongoDB Not long ago security professionals were still focused on protecting their...

Banking1 week ago

Digital Banking – a hedge against uncertainty?

Ankit Shah, Head of Digital Banking, Apex Group   The story of the 2020’s thus far is one of crisis....

News1 week ago

Union Bank of India goes live with RuPay Credit Card on UPI with Kiya.ai as a technology partner

Nitesh Ranjan, ED Union Bank of India with Rajesh Mirjankar, Managing Director & CEO, Kiya.ai at the launch   Kiya.ai,...

Finance1 week ago

Anyone Can Become an R&D Tax Expert with the Right Foundations

Ian Cashin is a Customer Success Manager at Fintech company and R&D tax software provider WhisperClaims   For accounting firms,...

Business1 week ago

Addressing the ongoing global pilot shortage issue

By Bhanu Choudhrie, Founder of Alpha Aviation   The Covid-19 pandemic brought the aviation industry to a halt, causing vast...

Business1 week ago

How exporters can mitigate risks and operate smoothly in stormy, post-Brexit waters

By Morgan Terigi is Co-Founder and CEO of Incomlend   The past few years have presented a series of hurdles...

Business1 week ago

From employees to customers, workforce management can benefit the entire banking ecosystem

Michael Cupps, SVP of Marketing of ActiveOps explores the significant impact workforce management can have on the employees and customers...

Business2 weeks ago

Redefining the human touch with digital transformation

Simon Kearsley, CEO of bluQube   It may not be a new phrase, but digital transformation is still inducing anxiety...

Finance2 weeks ago

CFOs – the forgotten ally in the fight against ransomware

Justin Vaughan-Brown, VP Market Insight at Deep Instinct   Ransomware attacks have nearly doubled in the past couple of years....

Technology2 weeks ago

7 cost benefits of cloud accounting software

By Paul Sparkes, Commercial Director of iplicit, an award-winning accounting software developer   Is your accounting software having a laugh...

Business2 weeks ago

How does Identity Access & Privileged Access Management help in PCI DSS Compliance?

Narendra Sahoo is a director of VISTA InfoSec. Introduction The Payment Card Industry Data Security Standard also commonly referred to...

Finance2 weeks ago

Listed private debt deserves a closer look from investors

By Michel Degosciu, Managing Partner, LPX AG Over the past few years, the private debt asset class is attracting serious...

Banking2 weeks ago

Security vs online payment convenience: which one is tipping the scales for customers?

 Chirag Patel, President of Digital Wallets at Paysafe.   While keeping their payment details safe is a top priority for...

Business2 weeks ago

The Tool and Tips to Truly Get Started with No-Code Development

Author: Chris Obdam, CEO of Betty Blocks   Throughout the legal industry, firms and in-house departments are leveraging legal tech...

That’s where Netcall’s Liberty Create came in. Create is a new breed of low-code software solution, built for both business users and professional developers That’s where Netcall’s Liberty Create came in. Create is a new breed of low-code software solution, built for both business users and professional developers
Business3 weeks ago

How ReFi Will Transform Finance

– by Ransu Salovaara, CEO of carbon platform Likvidi   Humanity faces a multitude of threats, many of which are...

Business3 weeks ago

THE NEXT WAVE OF FINTECH IS HERE

Much has been made of the ‘second generation’ fintech movement recently, but what have these businesses learned from those entering...

News3 weeks ago

UK leaves Europe trailing in its embrace of digital banking

People in the UK have embraced digital and online banking in a way that those across the rest of Europe...

Business3 weeks ago

The rise of automation and its impact on the CFO & CIO

By: Gert-Jan Wijman, VP Europe, Middle East and Africa at Celigo   On the back of the pandemic, organisations have...

Trending