While both individuals and businesses in the Caribbean have long been victims of instances of cybercrime ranging from petty swindles to major shakedowns, there is evidence reflected in recent trends that small businesses are becoming increasingly vulnerable to attacks by cyber criminals.
The Trinidad Guardian reported on April 26 that information arising out of a cyber-security seminar held by KPMG, Trinidad and Tobago points to the Caricom state’s Cybercrime Unit encountering increased problems with business e-mail. The article said there was concern over the fact that businesses were being duped by bogus letters purporting to be instructions from management regarding the movement of money but which have turned out to be directives from cyber criminals. While no statistics were available, a Trinidad and Tobago police source reported that local small businesses, particularly, had experienced “quite a few” such occurrences.
Similar cybercrime related occurrences have turned up in Guyana, targeting both private individuals as well as small businesses. In the case of private individuals, e-mails would commonly be received from names of persons with whom the intended victims are familiar. The e-mails would describe one difficult circumstance or another which would be attended by a loan request and instructions as to who the money should be sent to. Three small business on Wednesday confirmed to this newspaper that similar ‘messages’ tailored to suit a different circumstance have been sent to them, purportedly by cyber criminals. This newspaper found no instance in which any of the persons or businesses with whom it had spoken had been duped into parting with their cash.
At the Port of Spain KPMG forum, however, it was revealed that the relatively low level of investment in cyber security strategy coupled with the frequency with which businesses conduct some types of transactions, including the importation of cars from foreign countries rendered both individuals and small businesses vulnerable to cybercrimes.
Information coming out of the KPMG seminar suggests that in most cases businesses were only likely to invest in securing their businesses after they had been a victim of cybercrime. A local private sector source told Stabroek Business that the same was likely to be true for businesses in Guyana, adding, “it is even doubtful that some small business owners would recognize cybercrime…”