Small and big firms working online have to be prepared for ‘unprecedented levels of attempted fraud’ this month, say payments experts. Payments business Worldpay claims instances of fraud could rocket by as much as 80 per cent in February as hackers capitalise on customer data harvested during the Christmas shopping period.
But it should be mentioned that small firms are the biggest target for hackers, accounting for 85.7 per cent of UK data breaches. Virtually all breaches happen online (99.3 per cent), the rest being at point of sale.
Tim Lansdale, head of payment security at Worldpay, said: “We see a dip in fraud around Christmas as hackers go on the hunt for information, using the online sales rush to stockpile thousands of card details. It isn’t until February that they start cashing in on all the data they have collected.” The costs of being targeted can run to tens of thousands of pounds, with an investigation costing £11,250 on average and attracting a penalty of at least £8,000, Worldpay said. There is also the cost of lost goods and damage to reputation.
Richard Cassidy, a technical director at cloud security company Alert Logic, said: ‘Businesses today face tougher challenges while striving to stay as safe as possible in this new age of online operations. In 2014, businesses in the entertainment, hobby and leisure industries accounted for 23.3 per cent of card data breaches, followed by clothing and footwear stores (16.3 per cent) and jewellery, beauty products and gift suppliers (11.6 per cent).
Entertainment industry firms, particularly online ticket booking systems, tend to make easy prey because of the number of transactions they process. During the average data breach in 2011-2014, hackers harvested 284 days’ worth of card details before their activities were discovered.
“Attacks are proliferating at an unprecedented rate, and we are seeing a shift from the “smash and grab” of old to more advanced persistent attacks, where organised hacker groups are taking far more time and effort in infiltrating their targets than ever before.” Lansdale added: ‘Data breaches can be ruinous, so it’s vital that small business owners know the risks and take the necessary measures to protect themselves and their customers and employees.’