The new world of work, secured by Google.
Keep your business safer with a zero trust security model for modern collaboration – our new security guide explains how.Download The way we work has dramatically changed. We’re generating more sensitive data than ever before – and storing it in the cloud for easy access anywhere in the world. By sharing it with both internal and external collaborators, who then share it further, we are driving viral collaboration.Although this new way of working has many benefits, it also creates security challenges that legacy collaboration tools aren’t equipped to handle.In our new guide “How Google Workspace helps protect your organization,” find out how Google Workspace was built for the cloud with a zero trust approach to protect your information from phishing, malware, ransomware, and supply chain attacks.
Learn how to capitalize on The Defender’s Advantage
Understand and activate the six critical functions of cyber defense.DOWNLOAD Organizations around the world are facing increasingly sophisticated cyberattacks – and many security teams aren’t equipped to defend these attacks due to lack of resources, expertise and misconfigured tools.The Defender's Advantage is the concept that organizations are defending against attacks in their own environment. With coordinated cyber defense efforts guided by intelligence, organizations can understand their risks and improve their capabilities to reduce the impact of attacks.Read The Defender’s Advantage, an award-winning book by Mandiant, to learn how to activate the six critical functions of cyber defense, and turn the tables on cyberattackers.DOWNLOAD
Business Email Compromise Jumped 81! Last Year Learn How to Fight It
In recent years, electronic mail (email for short) has become an essential part of our daily
lives. Many people use it for various purposes, including business transactions. With the
increasing dependence on digital technology, cybercrime has grown. A significant cyber
threat facing businesses today is Business Email Compromise (BEC).Why is it important to pay particular attention to BEC attacks? Because they’ve been on
the rise. BEC attacks jumped 81% in 2022, and as many as 98% of employees fail to report
the threat.What is Business Email Compromise (BEC)?Business Email Compromise (BEC) is a type of scam in which criminals use email fraud to
target victims. These victims include both businesses and individuals. They especially
target those who perform wire transfer payments. The scammer pretends to be a high-level executive or business partner. Scammers send
emails to employees, customers, or vendors. These emails request them to make payments
or transfer funds in some form.According to the FBI, BEC scams cost businesses around $1.8 billion in 2020. That figure
increased to $2.4 billion in 2021. These scams can cause severe financial damage to
businesses and individuals. They can also harm their reputations.How Does BEC Work?BEC attacks are usually well-crafted and sophisticated, making it difficult to identify them.
The attacker first researches the target organization and its employees. They gain
knowledge about the company’s operations, suppliers, customers, and business partners. Much of this information is freely available online. Scammers can find it on sites like
LinkedIn, Facebook, and organizations’ websites. Once the attacker has enough
information, they can craft a convincing email. It's designed to appear to come from a
high-level executive or a business partner.The email will request the recipient to make a payment or transfer funds. It usually
emphasizes the request being for an urgent and confidential matter. For example, a new
business opportunity, a vendor payment, or a foreign tax payment.The email will often contain a sense of urgency, compelling the recipient to act quickly.
The attacker may also use social engineering tactics. Such as posing as a trusted contact or
creating a fake website that mimics the company's site. These tactics make the email seem
more legitimate.If the recipient falls for the scam and makes the payment, the attacker will make off with
the funds. In their wake, they leave the victim with financial losses. How to Fight Business Email CompromiseBEC scams can be challenging to prevent. But there are measures businesses and
individuals can take to cut the risk of falling victim to them.Educate Employees
Organizations should educate their employees about the risks of BEC. This includes
providing training on how to identify and avoid these scams. Employees should be aware of the tactics used by scammers. For example, urgent requests, social engineering, and
fake websites.Training should also include email account security, including: • Checking their sent folder regularly for any strange messages • Using a strong email password with at least 12 characters • Changing their email password regularly • Storing their email password in a secure manner • Notifying an IT contact if they suspect a phishing email Enable Email Authentication
Organizations should implement email authentication protocols. This includes: • Domain-based Message Authentication, Reporting, and Conformance (DMARC) • Sender Policy Framework (SPF) • DomainKeys Identified Mail (DKIM)
These protocols help verify the authenticity of the sender's email address. They also
reduce the risk of email spoofing. Another benefit is to keep your emails from ending up
in junk mail folders.Deploy a Payment Verification Process
Organizations should deploy payment verification processes, such as two-factor
authentication. Another protocol is confirmation from multiple parties. This ensures that all
wire transfer requests are legitimate. It’s always better to have more than one person verify
a financial payment request.
Check Financial Transactions
Organizations should deploy payment verification processes, such as two-factor
authentication. Another protocol is confirmation from multiple parties. This ensures that all
wire transfer requests are legitimate. It’s always better to have more than one person verify
a financial payment request.
Establish a Response Plan
Organizations should establish a response plan for BEC incidents. This includes procedures
for reporting the incident. As well as freezing the transfer and notifying law enforcement.
Use Anti-phishing Software
11
Businesses and individuals can use anti-phishing software to detect and block fraudulent
emails. As AI and machine learning gain widespread use, these tools become more
effective.
The use of AI in phishing technology continues to increase. Businesses must be vigilant
and take steps to protect themselves.Need Help with Email Security Solutions?It only takes a moment for money to leave your account and be unrecoverable. Don’t
leave your business emails unprotected. Give us a call today to discuss our email security
solutions.Article used with permission from The Technology Press.
.png "Microsoft Visio")
.png "VMware")
