1 min read

5 Tips to Prevent Business Email Compromise (BEC)

5 Tips to Prevent Business Email Compromise (BEC)

Business Email Compromise (BEC) is one of the leading cyber threats today so it's important to know that there are many valuable tips for keeping your business email secure.  

For example, using strong passwords, security awareness training for your employees, avoiding public Wi-Fi, and utilizing effective antivirus software.  Here are some additional tips that can add an extra layer of security for your organization.

 

Here are 5 Tips to Prevent Business Email Compromise (BEC):

  1. Enable MFA: Many people use the same password across multiple log-ins. Multi-factor authentication prompts a user for an additional form of identification upon sign-in such as a numerical code sent via text. Even if a hacker has your email and password, they would need access to this code in order to log in.
  2. Monitor the Dark Web to make sure your or your employee's credentials aren't being sold on the Dark Web.  Why hack someone's email if you can buy credentials online for a few pennies.  Too many of us use the same passwords for multiple systems.  How many of your employees use their network login for online websites and services?  Of the regular hacks and stolen information in the cloud, what is the odds that someone at your business has their current password stolen and for sale on the Dark Web?  
  3. Disable automatic forwarding to external email addresses: This could be a big security risk. Let’s say a hacker has an employee’s email and password. They log into Office 365 and set up the forward function to send all these emails to their personal gmail account. Yikes!!  Think about the implications this could have with HIPAA laws or regulatory compliance not to mention data privacy.
  4. Backup Microsoft Office 365 and G Suite: Office 365 and G Suite do not provide protection against data loss due to hackers, ransomware, malware, malicious insiders or departing employees. An attacker may attempt to gain administrative access to your Office 365 account via phishing and hold your data hostage. Make sure you have proper backups of your email to prevent data loss.
  5. Disable International logins: Another way to improve email security is to block logins from other countries. Hackers are global. At minimum block all countries except those that you do business with or have business travel to/from.

Everyone uses email for internal and external communication. It’s also an effective entry for hackers to access your domain, commonly via phishing attacks.  Keep your email safe!


New call-to-action

Teknologize has clients throughout the Pacific Northwest with offices located in the Tri-Cities, Washington 509.396.6640 and Bend, Oregon 541.848.6072.

Planning for Windows 10 End of Support: What You Need to Know

Planning for Windows 10 End of Support: What You Need to Know

As October 14, 2025, approaches, businesses need to prepare for the end of support for Windows 10. Microsoft has announced that after this date, they...

Read More
Lessons from the CrowdStrike Outage: What Your Business Needs to Know

Lessons from the CrowdStrike Outage: What Your Business Needs to Know

Imagine the sudden chaos when 8.5 million Windows devices - spanning industries like airlines, banking, and healthcare - began displaying the dreaded...

Read More
The Hidden Value of IT Network Vulnerability Assessments

The Hidden Value of IT Network Vulnerability Assessments

In today's digital landscape, many businesses operate under the assumption that their IT networks are secure because everything seems to be running...

Read More