Search

How can we help?

Icon

Phishers don’t discriminate against start-ups

Even giants like, Mattel (the toy-manufacturer), aren’t immune to the phishing attacks of those virtual villains who try to obtain sensitive information like credit card details and access codes in order get their hands on your money.

The funny thing is a lot of startups have various potentially-fatal misconceptions about the susceptibility of their business, including that they would not be of interest to phishers. On the contrary, phishers are aware that startups are more concerned about growth and increasing profile than dealing with email scams, which most of us techies think we could handle anyway. It’s pretty easy to spot and delete, right? Wrong.

Some businesses employ a two-step system for authorising bank transfers, which can offer some protection but that didn’t exactly stop phishers from penetrating Mattel’s two-step system and getting them to authorise a transfer of nearly £3 million to an account somewhere in China.

Monica Atwal

Managing Partner

View profile

+44 118 960 4605

Chambers and Partners

The Clarkslegal team are commercial and good to work with. They get what our business needs and tell me what I need to hear.

What happened to Mattel you ask? Well, an unnamed senior executive received an email requesting a bank transfer from the CEO Mr Sinclair (or so she thought). Before authorising the transfer, she did not question it because she thought she had satisfied the company’s policy.

Whatever your policy on payment of invoices and bank transfers in general may be, creating cultural awareness through training and communication is the key to preventing phishing.  Everyone is at risk of falling into a phishing net, regardless of seniority or how tech-savvy you are.

For example, make it a habit to step away from your emails when you receive a request for sensitive information or an email attaching an invoice for payment. Call up the person who you think sent you the email to double check that all is in order. You should not just give up information or open up an attachment because you think a trusted source has sent it.

This is not to say that you should slow down your business operations, it simply means that you should encourage your team to communicate with each other and err on the side of caution in certain circumstances. Mattel was lucky and did manage to get its money back but not all phishing experiences will end the same way and can have a devastating effect on a startup.

About this article

Disclaimer

This information is for guidance purposes only and should not be regarded as a substitute for taking legal advice. Please refer to the full General Notices on our website.

Monica Atwal

Managing Partner

View profile

+44 118 960 4605

About this article

Read, listen and watch our latest insights

art
  • 16 May 2024
  • Immigration

What Employers need to know about Biometric Residence Permits

Biometric Residence Permits (BRPs) are biometric immigration documents that are issued to non-EEA nationals and EEA nationals, who have been granted permission to stay in the UK.

art
  • 14 May 2024

Clarkslegal’s London team moves to new Chancery Lane office

The London office of Clarkslegal has relocated to Chancery House, on Chancery Lane. The staff is enthusiastic about the relocation because Chancery Lane has a longstanding association with the legal profession in London.

art
  • 10 May 2024
  • Employment

New duty on employers to prevent sexual harassment – coming October 2024

The Worker Protection (Amendment of Equality Act 2010) Act 2023 is due to come into force in October 2024.

art
  • 09 May 2024
  • Employment

Labour Party Employment Law Proposals – Promises of further consultations and a softer approach

The Prime Minister recently announced a raft of changes, to be implemented in the next parliament, aimed at reducing the number of people who are economically inactive due to illness.

art
  • 09 May 2024
  • Corporate and M&A

Navigating corporate transparency: ECCTA reforms series – part 1

The Economic Crime and Corporate Transparency Act 2023 (ECCTA) received Royal Assent in October 2023 and marked a pivotal moment in corporate governance and transparency.

art
  • 07 May 2024
  • Employment

Changes to TUPE rules from 1 July 2024

The Transfer of Undertakings (Protection of Employment) Regulations 2006 (‘TUPE’) aim to safeguard employees’ rights on the transfer of a business or on the change of a service.