For the last two years this has been a growing threat to small businesses. It is a phishing e-mail, whereby the hacker poses someone of authority, your boss, the CEO, the CFO, the IRS, etc. and asks you to send either your employees HR data, ex. W-2 information, customer information, send money or buy gift cards. The things to look for in identifying a BEC attempt is:
- Usually sent off hours or right before you are about to leave for the day.
- Has the appearance of being from someone you know, work with, or government agency, but is usually from a g-mail, yahoo, or some other free e-mail domain and not a business domain.
- Has a sense of urgency, and asking you to take immediate action.
- May be written in odd English or European style English.
- The message in the e-mail is usually short and to the point, and may be trying to start a conversation to gain your trust. E-mail #1 might say "Are you in the office?" Which will cause you to respond "Yes", then E-mail #2 says "Great, I need you to send (money, gift cards, data) urgently. More likely than not will have the word "Kindly" as in "Kindly send,,,".
- The e-mail will probably be asking you to do something out of the ordinary. (This is where the red flashing lights should start going off in your head)
Security Tip: Always pick up the phone and call a number (that you already have on file) and verify with the person sending the e-mail is who you think it is and not a hacker. As for the IRS,,they will never e-mail you asking for anything. They used certified/registered mail for official business.
A good rule of thumb is, if an e-mail seems strange, or is requesting something that is not normal procedure, it's probably a scam.
Be Secure!
@tjmprofessional
Be Secure!
@tjmprofessional
No comments:
Post a Comment