Businesses are advised to stay vigilant and educate employees on how to avoid being victimized by BEC scams and similar attacks. It’s important to know that cybercriminals do not care about your company’s size—the more victims, the better. Additionally, cybercriminals need not be highly technical, as they can find tools and services that cater to all levels of technical expertise in the cybercriminal underground. As the world relies more and more on Web services such as webmail, a single compromised account is all it could take to steal from a business. As such, here are some tips on how to stay protected and secure:
- Carefully scrutinize all emails. Be wary of irregular emails that are sent from C-suite executives, as they are used to trick employees into acting with urgency. Review emails that request transfer of funds to determine if the requests are irregular.
- Educate and train employees. While employees are a company’s biggest asset, they’re also usually its weakest link when it comes to security. Commit to training employees according to the company’s best practices. Remind them that adhering to company policies is one thing, but developing good security habits is another.
- Verify any changes in vendor payment location by using a secondary sign-off by company personnel.
- Stay updated on your customers’ habits, including the details of and reasons behind payments.
- Confirm requests for transfer of funds. When using phone verification as part of two-factor authentication, use known, familiar numbers, not the details provided in the email requests.