Scams against an organization may include attacks on your clients or the business itself. It can happen to anyone, regardless of the company’s size.
Scammers are skilled masters of disguise and use their tools of manipulation to make a living. They know how to compromise your email and disguise themselves as a friend or a customer. We’ve seen an increase in these types of targeted attempts to steal sensitive data. It’s important to know how to identify types of scams so that you and your business can be better protected from fraud.
We’ve listed 6 important red flags to be aware of and how to approach the situation if it happens to you:
Change in the Method of Payment or Final Destination
Receiving a request from a vendor asking for a different method of payment (ACH versus check) or being instructed to send money to a different address or bank account are key examples of potential fraudulent requests. Call the vendor or your direct contact to verify these types of requests. Do not respond to the email or call the phone number listed on the email or invoice. If the email is compromised, you could be contacting the hackers, not the vendor.
Intimidation or Urgency
Phishing attempts may be in the form of unexpected emails requesting information, money, or a call to action in an unusually short period of time. Think before you act on responding to any type of request and verify who the message is coming from.
Poor Spelling and Grammar
Emails that appear poorly written or include grammatical errors should be evaluated. A vague header or generic greeting such as, “Hello Customer”, could be a phishing email indicator. Review the sender email address, as it could look similar to the contact but may contain minor discrepancies.
Requests to Open an Email Attachment or Click on a Link
If you receive an unexpected email or receive attachments from someone who doesn’t normally send you files, think before you click. Interacting with phishing emails by opening attachments or clicking suspicious links gives hackers the ability to run malicious software that collects your sensitive information. Avoid opening, downloading, or interacting with attachments and links until you verify the email is legitimate.
Requests for Private or Sensitive Information
At first glance, these types of emails appear elaborate and look like they are being sent from a legitimate source. You must evaluate the type of information being requested and avoid clicking any links provided in the email. Emails requesting sensitive data will usually be coupled with urgency and other red flags.
Spoofed URLs and Hyperlinks
Hackers are skilled at making email addresses and hyperlinks look like something they’re not. If you’re suspicious of an email, hover over the link to see if the web address matches what is listed. Hovering over the link allows you to view the web address without actually clicking it. Check the senders address to make sure that it’s listed correctly and not a spoofed email before you respond.
One of the best ways for your business to be better protected from fraud is to be aware of these red flags and take necessary safety precautions. Click to watch the video about practical steps your business can take to protect personal information.
BOS offers products, including Positive Pay and Cyber Insurance, as resources to help protect your company from loss due to fraud. If you would like more information or have questions, our Business Services team is here to assist. Contact a local BOS branch or call 877-698-3278.