NCSC issues new threat alert, aimed particularly at small business

Aside from data sharing, which continues to be a problem for businesses, the NCSC has also alerted business owners to a new phishing scam designed to steal personal and financial details from self-employed workers.

According to the NCSC, a survey from data discovery and auditing software vendor Netwrix has revealed that whilst most companies store their data in designated secure storage, there is still a risk of it leaking into insecure areas.

“Data leaking is likely to occur when employees have not followed security policies and procedures, where they have been implemented,” the NCSC said, suggesting that companies need to keep tabs on user data access privileges.

“NCSC recommends that organisations understand and catalogue the data they hold and for what purpose.

“Classification systems may be used to manage the appropriate handling of data and support the audit of user access to sensitive information. Organisations should also ensure that users receive appropriate training for handling sensitive data, and that systems are fit for purpose.”

As for the new phishing scam, the self-employed are particularly being advised to never click on unknown notifications.

“HMRC will never send notifications of a tax rebate or ask that personal or payment information, including passport information, be disclosed by email or text message,” the NCSC said.

“You should forward any suspicious emails and details of suspicious phone calls purporting to be from HMRC to phishing@hmrc.gov.uk and any suspicious text messages to 60599.”

For more NCSC information on how self-employed workers, and others, can protect themselves against phishing, click here.