Search

How can we help?

Icon

Phishers don’t discriminate against start-ups

Even giants like, Mattel (the toy-manufacturer), aren’t immune to the phishing attacks of those virtual villains who try to obtain sensitive information like credit card details and access codes in order get their hands on your money.

The funny thing is a lot of startups have various potentially-fatal misconceptions about the susceptibility of their business, including that they would not be of interest to phishers. On the contrary, phishers are aware that startups are more concerned about growth and increasing profile than dealing with email scams, which most of us techies think we could handle anyway. It’s pretty easy to spot and delete, right? Wrong.

Some businesses employ a two-step system for authorising bank transfers, which can offer some protection but that didn’t exactly stop phishers from penetrating Mattel’s two-step system and getting them to authorise a transfer of nearly £3 million to an account somewhere in China.

Monica Atwal

MANAGING PARTNER

View profile

+44 118 960 4605

Chambers and Partners

The Clarkslegal team are commercial and good to work with. They get what our business needs and tell me what I need to hear.

What happened to Mattel you ask? Well, an unnamed senior executive received an email requesting a bank transfer from the CEO Mr Sinclair (or so she thought). Before authorising the transfer, she did not question it because she thought she had satisfied the company’s policy.

Whatever your policy on payment of invoices and bank transfers in general may be, creating cultural awareness through training and communication is the key to preventing phishing.  Everyone is at risk of falling into a phishing net, regardless of seniority or how tech-savvy you are.

For example, make it a habit to step away from your emails when you receive a request for sensitive information or an email attaching an invoice for payment. Call up the person who you think sent you the email to double check that all is in order. You should not just give up information or open up an attachment because you think a trusted source has sent it.

This is not to say that you should slow down your business operations, it simply means that you should encourage your team to communicate with each other and err on the side of caution in certain circumstances. Mattel was lucky and did manage to get its money back but not all phishing experiences will end the same way and can have a devastating effect on a startup.

About this article

Disclaimer

This information is for guidance purposes only and should not be regarded as a substitute for taking legal advice. Please refer to the full General Notices on our website.

Monica Atwal

MANAGING PARTNER

View profile

+44 118 960 4605

About this article

Read, listen and watch our latest insights

art
  • 01 June 2023
  • Employment

Facts employees should know about their personal data

We previously published an article on facts an employer should know about holding personal data, so it is only fair that we also write about the other side of the coin – facts employees should know as individuals whose personal data is held by their employer.

art
  • 01 June 2023
  • Immigration

What is the Immigration Skills Charge (ISC) and how much do you have to pay?

The Immigration Skills Charge (ISC) is a levy on companies who sponsor migrant workers. This levy was imposed on 6 April 2017. The Government states that the charge has been levied to contribute towards addressing the skills gap in the local economy.

art
  • 26 May 2023
  • Employment

Avoiding discrimination in flexible working requests

The right to request flexible working is currently available to employees with at least 26 weeks’ service and is set to be extended further under new Government reforms.

art
  • 25 May 2023
  • Corporate and M&A

Management Buyout – Top 5 things to consider

A management buyout is a financial transaction in which a member of the management team purchases the company from its registered owner. MBO’s usually occur in private companies in an effort to enhance profitability and simplify strategies.

art
  • 25 May 2023
  • Employment

Carer’s Leave Bill set to become law

On 19 May 2023, the Carer’s Leave Bill had its third reading in the House of Lords, and upon receiving Royal Assent, will become law. There is not yet a date for the implementation of this bill, however it is likely that this will happen relatively quickly upon receiving Royal Assent, so is definitely one to keep an eye on.

art
  • 18 May 2023
  • Immigration

Navigating SOC Codes

When it comes to UK immigration, understanding the intricacies of the system is vital. One significant aspect of the process revolves around Standard Occupational Classification (SOC) codes. SOC codes play a crucial role in determining the eligibility for an individual to apply for a work visa, assessing skill levels, and matching individuals to appropriate job roles.