- Overpayment Scam: Protect Your Business from Scammers
- Protect Your Business From 3 Common Bitcoin Email Scams
- Cyber Terrorism: How Insurance Can Help Mitigate Damages
- Cyber Liability Insurance – Network Asset Protection Coverage (Video)
- Data Breach and Your Damaged Reputation
- Cyber Liability Insurance – Security and Privacy Liability Coverage
- Common Data Threats and Vulnerabilities
- PCI DSS Compliance and Cyber Liability Insurance
- Cyber Liability Insurance – Privacy Breach Response Coverage (Video)
- Upgrade Your Internet Security: Risky Cyber Behaviors to Avoid
- Password Security Tips
- Top 3 Data Breach Myths (1/4)
- 8 Tips to Prevent Data Breach (2/4)
- How to React to a Data Breach (3/4)
- Protecting Your Business from Costly Data Breach Damage (4/4)
- Private: Will you be Blindsided by a Data Breach?
- 7 Common Causes of Data Breach
- Hacked! How to Comply with Data Breach Notification Laws
- Private: Video: Dealing with Data Breach
- Password Storage Solution
- Best Practices When Connecting to Public Wireless Internet
- PHISHY PHONE CALLS
- Don’t Be a Victim of Email Scams
- Password Best Practices
- What Your Business Needs to Know About Ransomware and Cyber Extortion
- Multimedia Liability Insurance Coverage
- Cyber Liability: Privacy Regulatory Defense & Penalties Coverage
- How to Keep Your Restaurant Safe From Cyber Threats
- How to Report Data Security Incidents
- How to React to a Payment Card System Data Breach
- Email Security Best Practices: Do’s and Don’ts of Email Use
- Cyber Claims Digest for 2020 Planning
- Scams on the Rise Amid Coronavirus Crisis
Email is commonplace in the business world, with over 108 billion emails sent and received per day. The fact that emails are circulating in big numbers makes them a good target for scammers. We all need to be careful when opening emails.
Consider this scenario that was recently brought to my attention:
I was made aware of strange emails that several employees received from people that we do business with on a regular basis. Coincidentally, these emails were coming from separate individuals and separate companies meaning this was not an isolated incident. The emails seemed strange because the messages were very short – not common for the senders – and included links or attachments.
It turned out that the sender’s email accounts had been compromised (more than likely the person’s password was guessed or stolen) and a hacker was sending emails to everyone in the person’s address book asking the recipient to “click here.” If the recipient did click, they would then be redirected to a webpage where they were asked to enter their username and password. What makes these particular cases difficult is that the sender accounts are valid and familiar – technology cannot always protect against these conditions.
So what can you do in these situations?
It is all about using your best judgment and questioning odd or sensitive situations. Although most requests that we receive in our everyday life are valid, the need to pay extra attention applies when:
- You are asked to click on a link or file within the email.
- You are asked to enter a username and password.
- You are asked to provide sensitive, confidential, or personal information.
Some other things that will help with protecting yourself, the company, and others are:
- Use different passwords for all accounts and never use your actual Windows password for other accounts. This way if a password does get compromised, the hacker does not gain access to every system you have access to.
- Make sure you have good passwords that are strong and complex. Use a minimum of 8 characters with a mix of numbers, special characters, uppercase letters and lowercase letters.
- Always protect your passwords. Don’t write your passwords down, don’t share your passwords or allow others to login as you, and don’t email passwords.
- If something seems strange, it probably is. Always verify things if they seem questionable.
- If you are verifying the person on the other end, don’t simply “reply” to the email. Call them at a known and valid number or send a separate email to a known and valid email address.
Don’t hesitate to dig deeper to protect your security. The extra few minutes of validation are always worth it.