Businesses across Derbyshire are being encouraged to take steps to protect themselves from fraudsters.

Investigators from the Cyber Crime Unit have received reports of businesses in the county falling victim to cybercriminals, particularly those involving ransomware attacks and CEO fraud.

Ransomware is a form of malware and can infect a computer; tablet or laptop, usually once the user has opened a malicious attachment in an email, clicked on a malicious link, or visited a corrupt website.

Once the virus is downloaded, the cybercriminals are then able to lock the device from a remote location and take over personal files such as images and documents. A pop-up page will then launch informing the owner that the device will not be unlocked until a sum of money is paid to the fraudster.

Detective Constable Mick Donegan said:

If you receive an unexpected email with an attachment, always check the address it has been sent from. Ask yourself, is it correct? Is it usual activity and does the attachment need opening? If you’re unsure, don’t open the attachment or click on the link. Instead, it can be forwarded to a specialist IT team member to be opened safely.

The most critical defence to this attack is backing up data on a regular basis. Ideally this should be at a minimum of daily intervals. The backups should be held on computers or hard drives away from the business network so that if data is encrypted the backups are not going to be affected. By backing up data it will allow for companies to not pay the ransom and bypass the encryption by restoring data from the backup. Updating software also needs to be actioned as a priority.

CEO fraud is another issue affecting businesses. This crime involves fraudsters purporting to be the CEO of managers of the company and requesting payments to be made into a new back account for businesses purposes.

The emails are often well crafted and use details on social media to make them appear legitimate.

Top tips for protecting your business from CEO fraud and ransomware viruses include:

  • Regularly review internal procedures regarding how transactions are requested and approved, especially those in relation to verification
  • Check email addresses and telephone numbers when transactions are requested. If in doubt request clarification from an alternatively sourced email address or phone number
  • Don’t be afraid to question details when being tasked to transfer money at short notice
  • Install anti-virus and firewall software for your computer and set these to update automatically
  • Do not open email attachments from unknown sources, especially if it is something that you are not expecting
  • Set your web browser to the highest level of security to prevent against malware and computer crime;
  • Make regular backups of your files and store them safely;
  • To detect and remove ransomware and other malicious software that may be installed on your computer, run a full system scan with an appropriate, up-to-date, security solution.
  • If your computer has been locked by ransomware, seek professional advice from a trustworthy source.

If you have been affected by this, or any other scam, report it to Action Fraud by calling 0300 123 2040, or visiting Action Fraud website

For more advice around protecting yourself from fraudsters, visit the dedicated Stamp Out Fraud in Derbyshire webpage