Advancing digitalization, revolutionary technologies and mobile work, like many other developments, have two sides: One side of the digital transformation, when used beneficially, supports people, companies, organizations and society as a whole in a positive way. The other side, however, often manifests itself as misuse with malicious intent. As digitalization is actively encouraged and widely adopted, the attack surface available to cyber criminals grows, and many of them are also professionalizing their working methods and becoming increasingly aggressive.
Last year, many companies were victims of a cyber attack, including the 'who's who' of companies. This makes it clear that no one is safe and that we must work together to protect ourselves against cyber attacks. We are all called upon to strengthen our resilience against cybercrime and IT damage. How can companies increase internal awareness of cyber attacks in order to position themselves securely?
Cybercrime incurs huge losses
Cyber attacks and the damage they cause are increasing rapidly: Last year, the total losses resulting from cyber attacks in German companies alone amounted to around 267 billion euros (according to Bitkom). In the last quarter, the number of attacks in Europe rose by 86% compared to the same quarter of the previous year (source: Check Point Research). The German economy is also a highly attractive target for attackers from Germany and abroad, and cyber attacks are one of the biggest existential threats to our economy and society. As a result, IT security is increasingly seen as a question of digital sovereignty (Bitkom).
Criminal cyber attack also hit the CAS Group
CAS Software AG was also attacked last October and is currently "hardening" all of its systems and also supporting a "change" in its co-creator mindset. This goes hand in hand with transparency vis-a-vis our customers and partners regarding this situation. For more information see our current news article.
As the figures above demonstrate, prevention is better than cure, so the more we can do to improve awareness the better. Awareness and preparation might not stop an attack, but they will help to lessen the damage. Prevention is the name of the game and when coupled with good contingency planning will help to return your systems to normal as quickly as possible so that regular operations can resume.
Resilience against cyber attacks is a joint task
Protecting against cyber attacks is a joint task. Cyber criminals are now exploiting social engineering techniques to open doors into your systems. After recently consulting with data security specialists, we created an overview of how you can increase your resilience to cyber attacks.
Tips for protection against cybercrime:
When in doubt, don't click: Beware of suspicious e-mails and attachments
Cyber criminals use phishing e-mails to obtain access information or other personal data. So it's important to be vigilant when dealing with e-mails:
- Do not open or respond to any e-mails from unknown or untrustworthy senders.
- Never click links from unknown senders and never open attachments of unknown origin.
- If you are unsure about the authenticity of the sender of an e-mail, please get in touch with the contact person you know. Use the contact details you know. In e-mail communication with CAS Software, for example, this could be your supervising partner or your contact at CAS Software.
Complex encryption: Setting up and managing passwords securely - using 2FA:
- Never use the same password for different websites. Use strong and unique passwords instead, that is, passwords consisting of a combination of upper and lower case letters, numbers and special characters.
- Passwords should never be stored unencrypted on a computer or mobile device. Instead, use a password manager for secure organization and encryption.
- For highly sensitive systems, content and data, you should activate two-factor authentication (2FA) in addition to the password manager.
This is also offered by our CRM solutions CAS genesisWorld and SmartWe.
Who am I talking to: Sensitizing employees when dealing with calls
- Question all unexpected inquiries, even if the caller sounds trustworthy.
- Even if your employees are supposedly contacted directly by a business partner, caution is advised.
- Never disclose sensitive data such as bank details over the phone.
- Caution is also advised in telephone contact with unknown persons who have not previously been involved in any correspondence.
- And please also note that artificial intelligence can easily imitate familiar voices.
Attention: We as CAS Software would never call and urge you to follow a link in order to extend a licence activation or to protect you from the expiry of the usage period. Such calls are a clear warning sign of attempted fraud.
Important: Simply hang up if you have any doubts about the authenticity of the caller and do not share any sensitive information - regardless of the communication channel (telephone or messenger app).
Be aware of potential deceptions, for instance fake invoices
Company data is freely accessible, and criminals use this information to obtain sums of money. Therefore, if you make transfers to companies, only use the bank details you already know, as these have usually not changed. If in doubt, ask the contact persons you know, using the contact details you already have.
Up to date: Always keep systems and software up to date
Cyber criminals often use known security vulnerabilities to gain access to systems.
- Therefore, always keep your systems and software up to date and install the latest security updates regularly.
- Also make sure that you use up-to-date anti-virus and anti-malware software.
- It is also important to observe and install the latest software releases for our CRM solutions.
Well prepared: Further corporate security measures
Companies should establish a multi-layered security concept: This includes regular security updates, strong authentication, structured employee training and comprehensive user and access management. Network security through segmentation, firewalls and encryption should also be prioritised. In addition, continuous monitoring, clear emergency and recovery plans and regular recovery tests are essential. Backups should also be carried out at different locations to ensure data availability in the event of an emergency.
Offline and secure: Regular backups of your data
Despite all your best efforts and protective measures, data can still be lost on infected systems. Therefore, store important data securely or, better yet, air-gapped. Also check your offline backups regularly to ensure they are up to date, functional and consistent.
Use the tips to strengthen your resilience against cybercrime and let's walk the path together – together against cybercrime and for a fair.digital future.