Email hacks and phishing – who is putting your business most at risk?Click to listen
Growth in the use of email is putting adviser businesses at risk. In this interview, ABR editor Rob Kingsbury talks to Andrew Brogden, founder and CEO of tech firm Stay Private, about the threat from cyber crime, where firms’ vulnerabilities lie and what can be done about them
Questions and timeline
(This interview runs for 14 minutes]
[While the air conditioning played a bigger part in this audio interview than we would have wanted, the content is well worth the listen.]
How did Stay Private get started and what are the three products you have in the market at the moment?
“We started by creating a system to help advisers and other people in financial services evidence that they had dealt properly and compliantly with their clients in their sales process. That developed into the products that we have today as Stay Private…”
1.20 What are the risks to adviser businesses in sending electronic communications, particularly personal and confidential information?
“Everything that goes over the internet is effectively out there and shared with the wider world. As more and more information is sent it piles up and the value of that information to criminals grows larger. And the risk is getting bigger…”
2.35 You highlight four main threats – would you explain what they are and how they might relate to an adviser firm.
“The types of crime are changing all the time… but ultimately it’s about criminals getting hold of your money somehow. They gain information on people and are then coercing or tricking them into giving away more information and eventually their money.
“The more information we put out there the more we are exposing ourselves to risk and it’s difficult to know what that risk is going to be…”
3.38 We hear about advisers who have had an instruction ostensibly from a client to transfer money but have smelt something fishy and managed to stop the fraud occurring. How easy is it to hack an email account or use a phishing attempt to gain information?
“The problem comes where a criminal has gained access to an email account and has been watching what’s going on and then it’s easier for them to write a convincing email. If it is written properly in the right context anyone can be fooled…”
4.46 Sending an email has been described as like sending a postcard through the post and encryption is putting that email in an envelope. Is that a fair description?
“It is but the situation is a little bit worse than that unfortunately… it’s not just as it moves through the system…”
6.03 How difficult is to spot when you’ve been hacked or someone has got hold of your information?
“This is the problem with email accounts, the criminal could have had access for ages. You really don’t know if they are watching you…”
7.23 So from a business perspective how can financial adviser businesses protect themselves against these kinds of digital threats?
“There are sensible precautions you can take but as we use the internet more and more to send data and sensitive information there is more that needs to be done…”
8.17 Where is the more likely point of weakness?
“If you said to criminal here are 1,000 emails try to hack one of them, then it’s likely one person will have made a mistake…”
9.24 From a technology perspective what are systems like yours able to do to help the adviser business deal with these kinds of threats?
“Stay Private creates a pin-protected private environment in the cloud that only the adviser and the client have access to…”
11.3 A key issue from a business productivity point of view is how easy the system is to use. And similarly for the client. People don’t want to have to click 6 times just to send an email.
“We know convenience trumps security nearly every time on the internet so it’s one click on an email and type in the pin… and you can choose which emails you send fully secure…”
13.18 Presumably these are ongoing threats and could effect firms and companies of all sizes?
“Increasingly we are seeing criminals going for the softer targets, so you’re right, it’s a threat to everybody…”
Visit the Stay Private website