What with keeping enough work in the books, keeping on top of those terrible tax returns and keeping customers happy, there’s many things that could keep a hardworking tradesman up at night. Now there’s another one to add to the list: keeping cybercriminals out of your email account.
It only seems like a few weeks ago that we told you about an attempt by hackers to steal your information (and your hard-earned money) by posing as representatives from HMRC.
Hopefully, you took our advice and did everything you could to protect yourself. Yet even if you did, it’s still worth taking note of the latest scam invented by cybercriminals, one that could well have far-reaching consequences for your business.
Hacked: Criminals steal tradesman’s email… & his customer’s money
Earlier this summer, police in Northern Ireland issued a warning after hackers broke into a local tradesman’s email account. As if that wasn’t bad enough, the criminals then posed as the tradesman, using his email account to send a message to one of his customers. The message told the customer to pay the remainder of his balance into a new bank account.
As you’ve already guessed, this new bank account belonged to the scammer.
Luckily, the fraud was spotted in time. The customer was able to cancel the transaction and no money was lost, but not everyone has been so fortunate. Previously, similar scams have been reported in which the customers lost as much as £25,000.
Still, it isn’t just the customers who risk losing out. By having their accounts hacked in the first place, a tradesman unwittingly puts his customers at risk, and that can be a move that very few businesses can seriously bounce back from.
A serious threat
Look: we’re not trying to put the frighteners on you, honest. It’s just that, whilst scams such as the HMRC fraud we mentioned earlier can be relatively easy to avoid if you’re vigilant, having your email hacked can be much tougher to prevent.
Not only that, but the impact on your business can be much more severe. At a time when the public’s trust in certain trades is at a low point, allowing your customer’s sensitive personal information to be stolen isn’t going to do your reputation any favours.
If you’re like many tradesmen, that reputation may be the one thing vital to your success. Most new customers likely to come to you as a result of recommendations or reviews, each one vouching for the quality of your service. Should you instead gain a reputation for not protecting your customer’s data and putting them at risk of fraud, that could well undo a lot of the work you’ve already done and drive potential new customers straight to one of your competitors.
What’s more, in a March 2018 survey carried out by digital security specialists Gemalto, 70% of 10,000 survey respondents said they would leave a business following a data breach. That means there’s every likelihood that, once word gets around, you could lose some of your existing customers too.
How to stop this happening to you: Top tips for better email security
So far, so doom and gloom, but it doesn’t have to be this way.
Though the most determined of cybercriminals will sadly always find a way in, there are a number of things that you can do to seriously deter them and keep yourself, your email, and your customers safe.
Use a strong password
If you’re still using passwords like “letmein” or “password,” give yourself a firm slap on the wrist and change those passwords immediately. You might think you’re using a stronger password by using a name or a word that’s special to you, such as your favourite place to go on holiday or the name of a family pet, but think again.
Unless you’ve been super careful, hackers can probably glean much of this information from social media and if they can’t, they’re able to use programmes which cycle through a whole dictionary’s worth of words until they find one that gets them into your account.
The best passwords to use are those that use a random string of alphanumeric characters and symbols. The longer the string, the more secure the password. You can even use a thing called a keygen to random generate you a password, and there are even websites that will display helpful ways to remember this randomly generated password.
Use different passwords for different accounts
If a hacker gets the password to one of your accounts and you’ve used the same password for every account you use, then they’ve potentially got access to everything from your online banking, savings accounts, social media and more. You can avoid this by using a different password for every account.
Yes, this can make it impossibly difficult to remember, especially if you’re using the kind of long, random passwords we’ve recommended above/ This is where a password manager like LastPass or RoboForm can come in handy.
Whether installed on your devices or based in the cloud, these tools can create random, super-strength passwords for each of your accounts and store them securely. Then, when you come to access one of those accounts, the password manager does the hard work of remembering and inputting that password for you.
Use two-step authentification wherever possible
If you use a popular email service like Gmail, Outlook, Yahoo or Zoho Mail, you can set up two-factor authentification. This creates an additional layer of security that makes it even more difficult for hackers to break into your account. Most email services typically use a combination of passwords and additional codes.
So, after entering your password, you’ll be sent a code to your mobile device. You then have to enter this code before you’ll have access to your email. Yes, it can be a little more time-consuming, but you’ll find it well worth it for the added protection it provides.
Agree on payment terms with your customers in advance
On every job, ensure your customers know exactly when and how they’ll need to pay and make it clear that at no point will you be changing this agreed arrangement. You can also tell your customers to phone you if they receive any communication from you that they’re not sure about.
Have you been the victim of email fraud? What steps are you taking to protect your trade business from scammers and hackers? Let us know in the comments below, or join in the discussion on Facebook or Twitter.