Common Email Crimes
(How to Protect Your Business)
We’ve all heard the stories.
Grandma gets an email from a Nigerian Prince. H needs some money now but will reward her handsomely in the future.
Truthfully, email fraud of this nature is generally more clever than that. Read on to discover the various way by which your sensitive emails may be compromised.
You get a message from YourBoss@YourCompany.com saying a vendor needs payment. He directs you to VendorInvoice.com with instructions to transfer the ‘normal amount’ to eliminate the debt.
“OK,” you think, “the email address has my bosses name, he must have gotten a new one. Also, the website has the vendor’s name, they must have updated it. It looks nice!”
You process the payment and two weeks later your boss asks you why there is money missing from the books. He never advised you to transfer this money.
This is the length criminals would go to in order to steal money from companies. They’d find info about a business and create fake email accounts and websites.
This method has been significantly more successful that Grandma’s Nigerian friend.
The means of stealing discussed above is known as Social Engineering.
Another approach to compromising a business via the internet is known as Account Takeover.
In an Account Takeover, a thief will use malware (evil programs) to control your actual email address. They will then use this to convince colleagues to wire money into unrelated accounts in a fashion similar to Social Engineering.
And all you must do is open the wrong piece of junk mail.
The terrifying part is you might not even know. Once they are in your system, a hacker can organize your account to forward themselves all your emails. Even worse, they can hide any emails they send under your name, so you have no way to notice you are under attack.
Recently, online criminals have found new means of accessing your account.
Many websites have appeared which sell stolen information to hackers who can use it to their benefit.
How do these websites get your information? Several ways.
Have you been stolen from before? Well that means your information is out there. One criminal who has gotten what they want from you will be more than happy to make a few more bucks selling that information to another criminal. They will hope that your passwords/information from other accounts are similar to those that have already been breached.
Have you fired anyone lately? Chances are they are not real happy with you. Also, they could use a few extra bucks because, well, they don’t have any income now. If they had access to sensitive information they might just sell it off. In their mind, you’ve wronged them so what’s the big deal?
Additionally, any third-party which involves accessing your computers leaves you vulnerable. While we never want to be suspicious of those that we do business with, it is a necessity in the modern age to monitor their activity and be certain they are not collecting any information which might be sold off later.
What to Do
So what do you do to protect yourself?
There are a handful of different answers to this question.
First of all: training.
Make sure your employees (and you for that matter) understand how convincing social engineering can be so they can stay vigilant in responding to emails. Also, installing a healthy fear of junk emails is a good idea.
Additionally, you should update passwords regularly and may want to consider multi-factor authentication (which is basically the equivalent of having two or more passwords).
You will also want to monitor your company’s activity on the Internet. While there are several programs you can purchase to do this, the best place to start is Google. If you set up Google alerts for your company name, your name, and all email addresses connected with the business, you will be given a heads up when any activity occurs. You can review this once a week or so to make sure nothing suspicious in happening.
The most important way to protect yourself is by finding an IT Support Company you trust.
As stated earlier, third-parties with access to your computers have the potential of being a gigantic breach of security. However, IT Professionals have spent years learning the industry standards for Internet Security and will be able to direct you in the correct protocols and software which make your business safe from attack.
Therefore, the keyword is trust. Although the task of finding an IT Company you believe in may seem daunting, it is imperative for any modern business.
We Can Help
If you are currently in the market for a trustworthy IT Support Company, please consider us at Priority IT Works. Send us an email or make a phone call today and we will discuss the best means for securing your business from the dangers of the internet.
Also, please remember to subscribe to our email list to keep up to date on any new business computer related articles we post.
Hopefully this article helped you understand certain dangers email crime can pose to your business. If you need any other information, please leave a comment or contact us a firstname.lastname@example.org.
Learn how to set up the basic form of remote access to your main workstation.
The time has come to transfer data from your old computer to that new one your received for the holidays.
For those of us with a Mac, should we be forgetful one day, Apple has given us a way to reset our password.