1 min read

5 Tips to Prevent Business Email Compromise (BEC)

Picture of Byron Martin Byron Martin : Aug 3, 2020

Cybersecurity
5 Tips to Prevent Business Email Compromise (BEC)

Business Email Compromise (BEC) is one of the leading cyber threats today so it's important to know that there are many valuable tips for keeping your business email secure.  

For example, using strong passwords, security awareness training for your employees, avoiding public Wi-Fi, and utilizing effective antivirus software.  Here are some additional tips that can add an extra layer of security for your organization.

 

Here are 5 Tips to Prevent Business Email Compromise (BEC):

  1. Enable MFA: Many people use the same password across multiple log-ins. Multi-factor authentication prompts a user for an additional form of identification upon sign-in such as a numerical code sent via text. Even if a hacker has your email and password, they would need access to this code in order to log in.
  2. Monitor the Dark Web to make sure your or your employee's credentials aren't being sold on the Dark Web.  Why hack someone's email if you can buy credentials online for a few pennies.  Too many of us use the same passwords for multiple systems.  How many of your employees use their network login for online websites and services?  Of the regular hacks and stolen information in the cloud, what is the odds that someone at your business has their current password stolen and for sale on the Dark Web?  
  3. Disable automatic forwarding to external email addresses: This could be a big security risk. Let’s say a hacker has an employee’s email and password. They log into Office 365 and set up the forward function to send all these emails to their personal gmail account. Yikes!!  Think about the implications this could have with HIPAA laws or regulatory compliance not to mention data privacy.
  4. Backup Microsoft Office 365 and G Suite: Office 365 and G Suite do not provide protection against data loss due to hackers, ransomware, malware, malicious insiders or departing employees. An attacker may attempt to gain administrative access to your Office 365 account via phishing and hold your data hostage. Make sure you have proper backups of your email to prevent data loss.
  5. Disable International logins: Another way to improve email security is to block logins from other countries. Hackers are global. At minimum block all countries except those that you do business with or have business travel to/from.

Everyone uses email for internal and external communication. It’s also an effective entry for hackers to access your domain, commonly via phishing attacks.  Keep your email safe!

New call-to-action

Teknologize has clients throughout the Pacific Northwest with offices located in the Tri-Cities, Washington 509.396.6640 and Bend, Oregon 541.848.6072.
Data Privacy Tips for Businesses

Data Privacy Tips for Businesses

Picture of Byron Martin Byron Martin: Apr 21, 2025

Protecting sensitive information is a year-round priority for small and mid-sized businesses (SMBs) in Washington and Oregon.

Cybersecurity
Read More
Top 5 Common Vulnerabilities Found in Network Assessments

Top 5 Common Vulnerabilities Found in Network Assessments

Picture of Byron Martin Byron Martin: Apr 11, 2025

Why a Network Assessment Is an Essential First Step

Cybersecurity
Read More
Are CPA’s Required to Have a Written Information Security Plan (WISP)?

Are CPA’s Required to Have a Written Information Security Plan (WISP)?

Picture of Byron Martin Byron Martin: Mar 25, 2025

Yes.

Cybersecurity Compliance
Read More