Teknologize has recently seen a major uptick in email-based cyberattacks happening right now and right here in our own backyard.
Here is a screenshot of a compromised email that was forwarded to us from a local company in the area.
What to look out for in a phishing email:
- Invoices coming from local vendors you use, possibly from a known and trusted email. Several local vendor emails have been compromised in the last two weeks.
- Request to change payment to a different account. Always verify by phone.
- A link requesting you to update or verify account information.
- An attached invoice with strong language such as "urgent", “missing” or “immediate”. Do not open.
- The email asks you to log in to your account and provide credentials.
For hackers to pull off a business email compromise such as this, the email breach would have taken place days, weeks or even months ago. The average time it takes to identify a data breach is 197 days! This type of scam takes time and planning to know who handles invoices, who the vendor works with, who the accounts receivable point of contact is for the client, etc.
The FBI calls this type of scam Business Email Compromise and defines BEC as “a sophisticated scam that targets both businesses and individuals." It exploits the fact that so many of us rely on email to conduct business, both personal and professional.
How to protect yourself if you believe you have received a phishing email:
- Verify payment and purchase requests by calling the company directly to make sure it is legitimate. You should verify any change in an account number or payment procedures with the person making the request.
- Set up multi-factor authentication (MFA) on any account that allows it.
- Carefully examine the email address, URL, and spelling used in any correspondence. Scammers use slight differences to trick your eye and gain your trust.
- Be especially wary if the requestor is pressing you to act quickly.
For more information on how to protect your business from a Cyber Attack, we have an informational checklist available for download. 15 Ways to Protect Your Business from a Cyber Attack - Get the Checklist Now!
Teknologize is a Managed Service Provider with offices located in the Tri-Cities and Yakima, Washington, 509-396-6640 and Bend, Oregon 541.848.6072.