In late January, the FBI and the Internet Crime Complaint Center released a public service announcement about the recent proliferation of Business Email Compromise (BEC). Defined by the FBI as a “sophisticated global scam targeting small to large businesses,” BECs affected more than 2,000 victims worldwide in 2014, while inflicting upwards of $200 million in fraudulent losses. The FBI added that “with high confidence” they expect “the number of victims and the total dollar loss will continue to increase.”
So what can you do to protect yourself and your business?
• Meticulously check addresses, subject lines, and body copies for any discrepancies. A fraudulent email account may be only one letter off from a legitimate one — or a single word may be spelled wrong in the email message itself. Either way, noticing from the get-go may save a lot of trouble.
• Validate ANY link in ANY unfamiliar email before clicking on it. Hover over or right click all links and look for a legitimate URL that matches the one the email came from — not long strings of jumbled numbers or letters. All it takes is one click on one bad link by one employee to compromise the data of your entire company.
• Do not open ANY email or attachment from ANY sender you don’t recognize. Last year’sCryptoLocker virus spread primarily through malicious PDFs, audio files, and other attachments that computer users unwittingly clicked on. If you don’t know the sender and aren’t expecting a file, don’t click on it!
• Avoid using free, web-based email for business purposes. Establish a company website domain and use connected email accounts for all communications. Also, strongly consider a proactive monitoring solution, which should conduct regular malware scans and daily antivirus updates.
• Mark any unsolicited email as spam or junk. If you have a strong firewall or monitoring solution backed by strong IT support, flagging suspicious-looking emails will help filter out future spam — and possibly alert security experts to spoofed or hacked accounts.
Avoiding the threat of email compromises and other malicious scams is critical to business success — but it’s not a task you should undertake alone. That’s where a trusted IT partner like CMIT Solutions comes in. Contact us today to find out how our proven security measures can keep you and your employees safe.