Report comment

This is an important issue/story, but it seems to have been lost among other issues.

Too many still grapple with even the basics of computing, and particularly secure connections.

£40k was diverted from a client because the hacker had cloned his email account. Client's email address and login had been obtained through another hack where millions of users details had been stolen almost a year beforehand. Even though there was significant publicity and warnings, the client did not change his password.

About a year later, correspondence was intercepted by a hacker, who replied on client's letterhead (from client's cloned account) and changed the bank details before sending it back to the payer. Save to say, the hacker got away with £40k because it was sent by faster payment!

Now, I'm particularly good with computers, and I'd like to think that on opening the 'dodgy' letter I would have noticed the "author's" name was different to that of the client. On speaking to other colleagues and demonstrating what had gone on, they all said that they would not have noticed it either.

This issue is also closely connected with GDPR, with many specialists suggesting the biggest risk to businesses are millenials, merely because of the way they are used to using technology.