Protecting Your Business from Costly Email Scams

Businesses today are under constant threat from a multitude of sources. From the biggest Fortune 500 companies to the smallest of mom-and-pop stores, no business is 100% safe from a cyber-attack. The simple fact is that there are too many threats out there to effectively prevent them all.

Cyber criminals try to trick employees into revealing proprietary and confidential data or taking an action that will benefit the criminals—and harm your business. They often use a tactic called spoofing—impersonating a legitimate business or person—in an attempt to fool employees into clicking a link, opening an attachment, changing account information or conducting a financial transaction.

Clicking those links or opening those attachments can automatically install malware, which, depending on the type, could give the criminals access to your computer or device, install ransomware (in which malware infiltrates your system and cyber criminals hold your business hostage until a fee is paid), and even allow them to burrow further into your company’s servers or the cloud. These attempts aim to steal your company’s confidential information can ultimately destroy your reputation.

During 2020, Sterling clients were exposed to $2.5 million in fraudulent wire transactions. In 2021, that number has climbed to nearly $10 million as we approach mid-year.

Exposure to financial loss can be easily avoided by recognizing red flags and verifying any payment instructions received via email or fax. Always follow up with a phone call to the requestor at a phone number of record. Some of the common red flags for payment fraud are as follows:

• There is an urgency for immediate release of a payment, and often numerous follow ups to determine if the payment was sent
• There is a noted change of tone, grammar, or spelling challenges in the request. For example:
  • A typically cordial interaction is direct and to the point
  • The written communication does not appear to be in the requestor’s “voice”
• The requestor may indicate that they are traveling or in a meeting and are unable to make a call to discuss details or verify the wire
• The transaction is not typical of prior transaction requests
  • Larger than normal
  • International (when the company typically does not send funds internationally)
  • Change in account information and potentially, geographic location for a known business partner
    • Especially when told the previous account is “under review” or “being audited”, etc.
• Email requests received through public domains (Gmail, AOL, HotMail, etc.) and not through your or your business partners’ domains
• Watch for spoofed email addresses intended to deceive the reader. For example [email protected] becomes [email protected]
• Any request that makes you feel uncomfortable or uneasy. Trust your instinct and verify!

While the impact of such a business email compromise can seem overwhelming, there are things you can consider doing to help protect your business, your customers and your employees from email scams. Here are a few best practices:

• Avoid clicking on links or attachments from untrusted sources.
• Educate employees to be alert to emails, messaging and phone calls that may be fraudulent.
• Use verified contact information from within the company’s internal contact management system when verifying requests to change information or transfer funds. Always verify any wire instructions received by email or fax via a follow up phone call.
• Require multiple-person approvals for account and financial change requests.
• Encourage employees to ask questions and challenge suspicious activity before acting on requests.

Best practices to help your business respond to a cyber event

Follow these tips if you think your business has experienced a cyber event.

1. Don’t delay. Acting quickly after a business email compromise or malware event can minimize damage to your business.
2. Determine what happened. Identify (if possible) what kind of incident occurred, whether it was successful and what was lost or damaged.
3. In the event a fraudulent financial transaction (i.e., a wire) was initiated, immediately file a report with the FBI’s Internet Crime Complaint Center (IC3) at www.ic3.gov.
4. Contact your bank’s servicing desk or support staff. Report fraudulent transactions.
5. Scan your network. Check for infected files or malicious programs with a strong antivirus program.
6. If your antivirus program is outdated, call a cyber-security professional to eradicate any suspect programs and set up better defenses before you go back online. Be sure to apply all software patches and security updates.
7. Change passwords. If you’ve experienced a phishing or smishing incident that has compromised multiple accounts, require your employees to change their passwords to prevent criminal access of key systems and financial data.
8. Review and improve your cyber policies. Ensure that your employee training, firewalls, antivirus software and email protection are up to date, and take steps to improve the effectiveness of your business network protection. To protect against future financial fraud, require multiple-person approvals for account and financial change requests. Use verified contact information from within the company’s internal contact management system when verifying requests to change information or transfer funds.

Learn More On Way You Can Protect Yourself.