How to PROTECT Your Buisness

There has been much publicity about Cyber Crime/Fraud and its cost to business over the last few months and the frequency and scale of it is increasing rapidly.

Some recent research has highlighted very interesting facts which should make every SME take notice of a ‘clear and present danger’:

General Cyber
  • There is about a 50/50 chance as an SME of experiencing a cyber security breach (source NCSC)
  • 49% of SMEs believe that it is unlikely to happen to them! (Take Five) The average costs to an SME go into thousands of pounds, even without calculating the reputational damage inflicted ‐ average £25,736 (Hiscox)
  • 25% of SMEs and charities are not updating software or malware and 33% do not provide any guidance on passwords (
  • Only 13% of SMEs are achieving the Cyber Essentials standards (
  • 74% of SMEs haven’t made any provisions on their accounts to deal with a potential attack or issue (PolicyBee)
  • Only 40% of all data in the cloud is properly protected against attack. People assume that if it is in the cloud then then are safe ‐ it still needs to be set up correctly and protected adequately to minimise the risk of compromise. (NCSC)
After an Attack SMEs Reported That:
  • 89% felt that the attack had impacted their reputation
  • 30% reported a loss of customers
  • 25% received negative reviews on social media
  • 26% were unable to grow in line with previous forecasts
  • 93% suffered operation limitations (Cyber Streetwise & KPMG)

Over the last few weeks new and more sophisticated malware has been reported by NCSC. These include file‐less Malware that is harder to detect using anti‐malware services and LoJax which is a form of Malware that can survive Windows and hard drive reboots. Ensuring that Secure Boot is turned on in Windows 8 and 10 will reduce the risk of the latter.

The NCSC released a statement on the 28 September about a Trickbot banking trojan which called for all SMEs to take action to prevent falling foul. Trickbot attacks are designed to access online accounts, including bank accounts, with the goal of obtaining Personally Identifiable Information (PII) which can be used to facilitate identity fraud. Trickbot continues to exploit trusted commercial and government brands using well‐crafted phishing emails to initiate an infection.

General Fraud
  • Fraud loss in SMEs is estimated at £18.9b per annum (Action Fraud)
  • 70% of business leaders & managers admit they haven’t taken any action to protect their business & employee from an incident of fraud (Take Five)
  • Over a third of business leaders admit that they have never spoken to employee about the issue (Take Five)
  • 26% of scam cases an employee was approached directly (Take Five)
  • 77% of business leaders admit they have never heard of common scamming techniques like CEO impersonation. (Take Five)
  • 57% of SME owners didn’t believe that fraud in the form of invoice redirection etc were a genuine risk to their business (National Fraud Intelligence Bureau)
After an incident SMEs reported that:
  • 8.6% had to make redundancies ‐ over 50,000 jobs lost nationally to date (Barclays Bank)
Recent Fraud Threats

Computer Software Service fraud can start with either a phone call, an email or a pop‐up message appearing on your computer, stating there is something wrong with your computer or internet connection and that it needs to be fixed. However, there will either be a demand for payment to fix it, or they will install software on the computer which will allow the criminals to access personal and financial details. In 2017/18, Action Fraud received 22,609 reports of Computer Software Service fraud with a total of £21,365,360 being lost to fraudsters (Action Fraud)

The WannaCry emails are designed to cause panic and trick you into believing that your computer is infected with WannaCry ransomware. In reality the emails are just a phishing exercise to try and extort money. The emails claim that all of your devices were hacked and your files will be deleted unless you pay a fine to the fraudsters in Bitcoin (Action Fraud)

Mark Ruthven runs a small architecture practice in London and was stung when a fraudster hacked into the email account of an administrator of a semi‐regular supplier ‐ probably having tracked that the business made monthly payments.

After Ruthven’s Financial Administrator received a seemingly legitimate email advising her of a change in banking details, a BACS payment work £13,000 was ultimately sent later that month to the bogus account. This type of fraud, commonly referred to as invoice redirection, is a growing trend and one causing billions of pounds worth of losses each year.

What to do?

Do something that will truly protect your business. The reality is that your workforce/ employees are the most likely people to be tricked into costing your business money. Whose fault is that? If they don’t know what to look out for and know exactly what to do/ what to avoid and protocols to follow you are leaving your business wide open.

The odd day on a course for a couple of your employees will not fix it ‐ the threat is 24/7 and it needs a 24/7 solution sitting in your business ‐ we have that solution with our online Protect product which can be launched in your business, accessed by all of your employees 24/7 and contains all that you and your staff need to know to protect your business from these threats ‐ all available for just £99 plus VAT per month. £1200 plus VAT a year for complete peace of mind and we also offer a £250,000 liability insurance cover (provided by Hiscox) for all of those businesses that comply with the Data Guardsman criteria and processes as outline within the Protect product.

Learn more about PROTECT at Tinderbox PROTECT

Don’t take a chance ‐ PROTECT your business now!

To discuss PROTECT or to arrange a demonstration, give us a call on 0116 232 5231 or contact me personally at the contact points below.

David Turner

Managing Director

07747 023610



Enquiry Form

Need to talk to a Tinderbox expert? Fill out the form below and the right person from our team of experts will get back to you to help with your enquiry.

Who we have worked with

Who we have worked with: Hallmark Cards, Coca-Cola, Hasbro, Rolls Royce, Sunseeker, Mattel, MicroSoft, Argos, Auto Glym, P&G, Ferranti, FloGas, Lloyds TSB

Tinderbox Limited Registered office: Ventura House, Ventura Park Rd, Tamworth, B78 3HL, Registered in England
Company registration number 7663634
• View Our Privacy Policy

© 2015 Tinderbox Ltd. All rights reserved
Web Design by Nuke Creative