It’s important to be alert when opening your business emails. There are many methods used by hackers that can put your confidential information at risk.
"Phishing" is a technique used by hackers to gain access to your information or your system, using an email designed to imitate a financial institution or government agency. Through this email, they ask for sensitive information about your business—bank account number, bank routing number, debit-card PIN, etc.—or asks you to verify your credentials. What should you do? Just don’t click on any link.
Some types of phishing:
CEO fraud: A message in which a person passes himself off as the head or top executive of a company, ordering the transfer of funds to a bank account due to an emergency.
Fake provider: Notification by a fake provider asking for a change to an account number or the immediate payment of a fictitious invoice in order to avoid cancellation of service.
Other techniques:
- Offers that are too good to be true, with incredible investment opportunities
- Links to fake websites of “prospective suppliers”
- Pop-ups with ads, messages, or a window to go to an unsolicited webpage
If you or one of your employees opens one of these suspicious emails or provides sensitive information, take action immediately.
The best defense: corroborate the information by several means. You should formulate a policy for providing information electronically and for the proper use of emails and the internet in the office, and discuss it with your employees. It is also recommended to save any evidence of fraudulent activity for investigation purposes.
Find more tips for identifying suspicious emails here; you can also learn more about phishing with the article: Protect your business against malware and phishing.
Learn more about preventive measures for your business with the articles:
Fraud Prevention Best Practices, Don’t let fraud ruin your business, and Checklist: How to prevent fraud from taking place in your business.