The recent cyberattack on the airline Air Europa, which has exposed the banking details (card numbers, expiration dates and CVV) of thousands of customers, once again demonstrates how unprotected many companies in Spain continue to be and the need to invest in prevention, according to Felipe García, lawyer and partner at the Círculo Legal Madrid firm.
“Today, it was Air Europa’s turn, tomorrow it will be another great company, but in silence, many companies are also victims of fraud, which requires the Compliance Departments to make an extra effort to mitigate its impact on reputation and profit and loss account of organisations, without a doubt a difficult task,” says the expert.
These types of attacks represent a real and growing problem in Spain, and, as revealed by the Spanish Association of Companies against Fraud (AECF) in its latest report, 68% of Spanish companies acknowledge having been victims of more cases of fraud than the previous year, while only 5% have detected a decrease. Also worrying is that one out of every two affected people (47%) points out that the amount of losses caused by fraud has been higher than the previous year.
“Fraud continues to grow exponentially, which makes it necessary to redouble efforts to combat this scourge,” comments the member of the Board of Directors of the World Compliance Association, who adds, “there are organisations that access our data to use them” fraudulently – this has recently happened in the Seville City Council and the Barcelona Clinic – and after this sale of data, large or small scale cyber-attacks are usually carried out, whether it is on companies or individuals.
In this sense, the results obtained by the AECF report are clear: 42% of the cases recorded were admission fraud at the point of sale, or in other words, fraud during online transactions in which cybercriminals use credential theft techniques or fake cards; Those followed (21%) by data theft or malware through malicious software infiltrating computer systems.
The importance of compliance as a prevention tool
Faced with this problem, Felipe García recalls the importance of compliance policies within companies, as well as the training of the person in charge of the department, the so-called ‘compliance officer’, so that “they can collaborate with the risk departments” and that way they can focus on what practice can affect their bottom line, whether it is a cyber-attack, malware, phishing or some similar technique that usually has a significant impact when that organisation suffers it. To the economic loss and potential clients, we must add the reputational damage that a cyber-attack on an organisation entails, especially if that company has sensitive data, or is a technology company, which requires greater control of its information. and therefore, more solid and cutting-edge anti-fraud controls.”
“Companies must invest more in fraud prevention and control policies.” In the end, this investment is always profitable, since it helps detect and prevent it, establishing effective controls in organisations to prevent internal fraud and cyber fraud. To undertake these investments, it is necessary that the management team be sensitised to this problem, and must be aware of the high exposure to these attacks of any company, regardless of the sector where the company is present, there are two types of companies, those that have been victims of a cyber-attack, and those that have been, and still do not know it,” concludes the expert.
The post The threat of cyber fraud increasing for companies in Spain appeared first on Spain Today – Breaking Spanish News, Sport, and Information.