Articles

Information Security Allied to Combat Fraud

By April 8, 2021 No Comments

* By Vitória Silva

Currently, any organizational environment, regardless of its size or type of business, fear cyber fraud, a factor that reinforces the element of information security as an ally in the fight.

Most cyber frauds are carried out by people or organizations that aim to make money by applying scams using common methods such as:

  • Attacks of malware;
  • Phishing;
  • Fraud by email or untrusted websites;
  • Identity fraud;
  • Theft and sale of corporate data;
  • Financial data manipulation;
  • Cyber espionage.

The high level of risks that frauds offer to companies' systems, open space for the implementation of strict security controls, which would make it more difficult for cybercriminals to act and enable fraudulent situations to be identified more quickly.

For a fraudulent action to be put in place, the cybercriminal needs information, that is, if access to information is strictly allowed for those users who need the information, they are authorized to have access to it and if the security process is well managed, there is a possibility of reducing the number of frauds.

Periodically, it is necessary to reformulate security policies in organizational environments, monitoring all activity performed in these environments and always guiding users to follow good practices such as:

  • Keep software and operating system updated;
  • Use antivirus software;
  • Use strong passwords;
  • Never open attachments in spam emails;
  • Do not click on links in spam emails or on unknown sites;
  • Do not provide personal information over the phone or suspicious emails.

Some basic information security factors must be adopted by organizations that wish to prevent themselves:

  • User identification and authentication;
  • Authorization and periodic access reviews;
  • Resource management;
  • Risk and incident management;
  • Log recording for auditing.

Threats increase at the same rate as innovations reach the market, which is why the 2020 Cost of a Data Breach Report, gives IBM, showed that information security flaws cost companies approximately US$ 3.86 million.

Another survey carried out by Check Point, pointed out that cyber attacks increased by around 60% during the beginning of the coronavirus pandemic, with an emphasis on: identity fraud, theft and sale of corporate data, insurance fraud, fraudulent billing charges, cyber extortion, among others.

During the pandemic of the new coronavirus (covid-19), the realization of digital transactions gained strength and also leveraged the number of invasion attempts and improper access to electronic devices.

There are common scams being applied to obtain data from people that make it possible to carry out transactions or clone data such as:

  • Scam of the false bank employee;
  • Motoboy hit;
  • Creation of applications similar to those of the government;

The director of FEBRABAN's Executive Fraud Prevention Commission, Adriano Volpini, warns that the population has a security behavior in the digital world that is different from the physical world, “people have become accustomed to taking care of wallets, belongings and cell phones when they are in public and busy places, however, have not yet become accustomed to being discerning in the digital world ”. Attention is the main strategy, when in doubt, one should not access unknown links or websites, as this can be the gateway to a cyber crime. Currently, three projects are pending in Congress, among them, 2,638, which provides for the criminal classification of theft through electronic fraud, by deputy Marcelo Ramos (PR / AM).

Finally, we conclude that the process of information security it offers a structure to minimize the occurrence of fraud, however, implementing and maintaining this process requires dedication of financial resources, time and people. Investing in prevention generates greater results than acting reactively or corrective.

Just know what information security controls your organization wants and needs to achieve its goals.

About [SAFEWAY]

SAFEWAY is an Information Security company, recognized by its customers for offering high added value solutions, through Information Security projects that fully meet the needs of the business. In these years of experience, we have accumulated, with great pride, several successful projects that have earned us credibility and prominence in our clients, who constitute, in large part, the 100 largest companies in Brazil. Today through more than 22 strategic partnerships with global manufacturers and our SOC, SAFEWAY is considered a one stop shopping with the best technology, processes and people solutions.

- Vitória Silva is Junior Consultant at Safeway