Your Biggest Business Threat Could Be Cyber Fraud
Remote working and conducting business online has increased dramatically over the past two years. And so has cyber fraud. Reduce your business’ vulnerability by doing these three things.
Beware of business email compromise (BEC).
In BEC, a criminal impersonates a coworker or partner and requests payment to an account, or they might pose as an employee and ask HR to change their direct deposit.
One of the newest methods of attack exploits the frequent use of virtual meetings among remote workers. The FBI has confirmed several methods of attack, including hackers posing as executives and scheduling virtual meetings on their behalf. When the meeting starts, they claim their video/audio is not working properly, then proceed to instruct the employee to transfer funds in the virtual meeting platform or via email. They may also covertly insert themselves into workplace virtual meetings to collect information on the company’s day-to-day operations for future attacks. They later pose as an executive and instruct employees to initiate a transfer of funds with the false claim that they are in a virtual meeting and unable to conduct the transfer on their own computer.
You can help prevent having your email account hacked by keeping passwords secure, first and foremost. Keep an eye out for red flags in emails, including misspelled hyperlinks and discrepancies between the sender’s name and their email address. If a coworker sends a request to meet using a virtual meeting platform that isn’t normally used in your internal office, confirm the request with a phone call.
Cover your back with backups, tests, checks and software.
Start with internet security software and data backups, then test your data backup and make sure it can’t be infected from the network. Check your bank accounts daily for unusual activity. You might even test your employees with fake phishing emails to increase awareness. Employee education can effectively stop an attack before it starts. Your financial partner should provide additional protections like multi-factor authentication and Positive Pay and have the capability to enforce dual control processing of transactions, among other measures.
Check your insurance policies.
Does your policy cover cybercrime, fraud and ransomware attacks? Some companies also provide fraud recovery assistance. Insurance brokers and business advisors can help identify the best level of coverage for you.
If you discover you have been the victim of cyber fraud, contact your financial partner immediately for assistance. The FBI encourages all victims to file a complaint with the Internet Crime Complaint Center (IC3), regardless of the amount lost, at ic3.gov.