Staying Safe and Secure: Avoiding Cyber Scams
How secure is your organization? Without robust cybersecurity and fraud prevention programs, your institution is exposed. Here's how to shore up your defenses.
![](/en/corporate-and-institutional/campaigns/staying-safe-and-secure-avoiding-cyber-scams/_jcr_content/main/pageBody/container_copy_copy_/embeddedGrid/image.coreimg.jpeg/1707229257841/pnc-insights-sb-staying-safe-secure-business-scams.jpeg)
Understanding the Size of the Threat
![](/en/corporate-and-institutional/campaigns/staying-safe-and-secure-avoiding-cyber-scams/_jcr_content/main/pageBody/container/embeddedGrid/containergrid/embeddedGrid/image.coreimg.png/1696448723883/pnc-insights-sb-staying-safe-secure-business-scams-feature-1.png)
Cybercrime: Criminal activity that either targets or uses a computer, a computer network, or a networked device.[1]
Internal fraud: Occurs when a current or former employee steals, alters, or destroys organizational information (such as client/donor data) or assets (such as computer software or physical assets) for direct personal gain or indirect gain by assisting other fraudulent actors.[2]
In 2023, cybercrime is predicted to cost the world USD 8 trillion.[3] Additionally, according to the Association of Certified Fraud Examiners, internal fraud generates median losses of $117,000 per case and typically lasts for 12 months.[4]
Common Security Threats
Malware: Harmful software designed to gain unauthorized access to devices, networks, and systems. Includes viruses, spyware, ransomware, and adware.
Phishing: Email communications designed to trick the recipient into disclosing sensitive information. Phishing targets large groups. Spear-phishing targets specific individuals.
Ransomware: Uses malicious software to encrypt a victim's files, denying them access. The attacker then demands a ransom payment to relinquish control.
Password attack: The attacker cracks or guesses a password to gain access to a company's devices, network, or systems.
Organizations email compromise: Criminal compromises legitimate organization email accounts to conduct fraudulent transfers of funds.
Formjacking: Criminals use malicious code to hack a website form and gather data.
Insider threats: Authorized individuals misuse their access to an organization's assets.
![](/en/corporate-and-institutional/campaigns/staying-safe-and-secure-avoiding-cyber-scams/_jcr_content/main/pageBody/container/embeddedGrid/containergrid_copy/embeddedGrid/image.coreimg.png/1696451699201/pnc-insights-sb-staying-safe-secure-business-scams-feature-2.png)
Strengthen Your Defenses
Attackers exploit weaknesses in your organization's cybersecurity strategies. Here's how to strengthen your defenses:
Conduct risk assessments: Scrutinize your organization for potential security weaknesses. Document the results and address the weaknesses.
Invest in security: Antivirus, antimalware, firewall, and intrusion detection software can make it harder to breach your security systems and generate alerts if an attacker succeeds.
Provide employee training: Make employees aware of the threats your organization faces. Train them on how to detect and respond to threats.
Install software patches and updates: Install patches and updates as soon as possible. Not doing so leaves your organization exposed.
Require complex passwords: Strong passwords that include upper and lower case, numbers and special characters make it more difficult for attackers to crack.
Limit employee data access: Provide employees with the data they need to perform their job. Remove additional access privileges.
Backup your data: Create online and offline backups of your data daily.
Create an incident response plan: Have a plan to follow during an attack. Test the plan frequently, including engaging a third-party firm to evaluate its effectiveness.
Mandate dual control: Require two employees to perform tasks that are prone to fraud, such as sending payments to suppliers.
![](/en/corporate-and-institutional/campaigns/staying-safe-and-secure-avoiding-cyber-scams/_jcr_content/main/pageBody/container/embeddedGrid/containergrid_228719792/embeddedGrid/containergrid_copy/embeddedGrid/image_copy.coreimg.png/1696452201781/pnc-insights-sb-staying-safe-secure-business-scams-feature-3.png)