Email Fraud: How to Recognize & Avoid It

Last year set a new record for cyberattacks, with an incident occurring every 11 seconds. 2021 has highlighted the importance of businesses taking measures to avoid and prevent cyber threats.

With more businesses moving to online platforms, cyberattacks have evolved to intercept daily operations in clever ways. Cybercriminals often choose busy organizations because they know a distracted employee is more likely to fall into their trap. However, your business can prevent 100% of cyberattacks by practicing these three steps: Stop. Look. Think.

Below are some common examples of cyberattacks that befall small businesses. The DCi team has also listed our recommendations to sidestep these attempts.

Unexpected Emails
Be cautious if you ever receive an email you weren’t expecting, even if it looks innocent. Strange emails from an online organization or service could be tricking you into clicking on a malicious link or sharing your private information.

When faced with an unexpected email, ask these questions: Is this sent from a credible membership of yours, such as your bank or Amazon account? Did you opt in to receive emails or newsletters? Did you enter a contest or auction bid?

Always verify an email’s legitimacy before interacting with it. You can do this in a roundabout way such as visiting the company website (open up a separate search browser to do this; do NOT click on a website link in the email). If you have a membership, log into your account to determine if there has been any activity.

Strange Employee Requests
It’s not difficult for a cybercriminal to impersonate someone in your business. These sorts of attacks may take the form of a manager or owner asking you to send a password, share the company bank account or buy something with the company card.

If an email from a boss or coworker feels strange to you, reach out to that individual in person or through their personal number and ask about the email.

Business Email Compromise (BEC)
BEC occurs by impersonating another business like your bank or one of your vendors to access your private information. These attacks often target the finance and sales departments, but they could befall anyone at your store.

Be cautious of any emails you don’t recognize, even if they seem legitimate. Verify them first by requesting proof of identity and employment or directly contacting the organization. If you get a bad feeling, report the email to your IT service.

“Free” Streaming Offers
Very few streaming services are free, so beware of emails claiming you can stream a newly released show or film without charge. Fake streaming offers typically direct you to a credible-looking viewing platform that will eventually ask for your payment and personal information.

Don’t click on emails, social media posts or website popups that are promoting a free pass on a service you normally would pay for. Instead, visit the official website to get more information and only use trusted sites to stream your content.

Train Your Team to Report Cyberattacks
Preventing cyberattacks is a team effort, as it only takes one person to make a costly mistake. Establish company-wide guidelines to help your team identify and report cyberattacks. Awareness should be the foundation of your protocol. Make it a habit to ask fundamental questions: Was this email expected? Is it appropriate for your job role? Can you verify the message or organization by visiting the website, contacting customer service or logging into your account? If you can’t answer “yes” to all of the above, take precautions and report the email to your IT service.

Remember to stop, look and think. Taking an extra minute to verify every incoming email can save your business a lot of trouble and time in the long run.

DCi cares about your cybersecurity. If you have concerns about dealing with a cyberattack, please contact DCi today.