How to avoid a $4,000,000 lawsuit
Updated: Jan 24
According to the FBI, Business Email Compromises (BECs) cost business owners more than $1.8 billion every year.
What’s a BEC?
A business email compromise is any form of email attack and is one of the most financially damaging types of cybercrime. BECs are emails and social engineering tactics designed to attack businesses and trick unsuspecting users and executives into performing an action under the guise of legitimate business activity. One example is when threat actors send an email to a personal assistant, or office manager, disguised as the executive, instructing them to purchase gift cards from a local store and send them to a particular address. Another example is where the user or executive receives a finely crafted email that baits them into clicking on a button to change a password. Unbeknownst to them, the button they click on triggers a download of a virus such as a ransomware app, and then it’s all downhill from there.
How Should You Protect Your Business?
Here are four steps you can take to protect your business from a BEC.
Step 1: Deploy Security Awareness Training (SAT) to everyone in your organization.
In today’s world, your business is only as strong as your weakest link. If your weakest link is determined by how well you prepare your staff for a cyber breach, then we strongly encourage that you adopt an annual Security Awareness Training program that delivers the awareness your staff needs so they understand how to look for and handle threats such as a phishing email in their inbox.
Many employees don’t know to check things like who the Sender is, or to hover their mouse over a Link to verify it’s legitimate, or how to properly check Attachments before saving, or opening them, or what text to look for in a Message that indicates something isn’t right. We call this the SLAM method, and we use it every day to filter our email messages before clicking on anything.
Integotec offers an affordable Security Awareness Training program that many businesses find most helpful to solving the “weakest link” problem. It also saves them money on their cyber insurance bill by showing the annual completion of a credited Security Awareness Training program.
Step 2: Install advanced security software called Endpoint Detection & Response (EDR) on your business computers.
Many IT managers and business owners believe that traditional “Antivirus” (AV) software is good enough. Some people believe their Macs don’t get viruses, or that it’s not that common so they don’t need any protection. That couldn’t be more wrong and here’s why.
Whether you use a Mac or a PC, cyber criminals can easily find new vulnerabilities or evade traditional antivirus software. If you’re not using an advanced security solution on your Mac or PC, you would never know if a bad actor compromised your computer.
So how do attackers manage to take over your computer? They deploy more sophisticated malware categorized as an Advanced Persistent Threat (APT). These APTs are stealthier and cause more damage to the organization they’re attacking.
Thankfully, there are advanced security solutions that are worth their weight. We’d be happy to recommend which is right for you.
Step 3: Deploy Email Threat Protection to filter your Google Workspace, Microsoft 365, or other cloud email service.
Most cloud email services provide SPAM protection; however, threat actors are smart enough to evade these protections. Having Email Threat Protection will provide your business with an added layer of security that not only blocks most of the SPAM emails but also detects and mitigates malware and other threats before they land in your inbox.
Step 4: Deploy an Internet Filter on your network gateway device to block undesired and malicious websites.
Since many email threats include malicious links, we highly recommend you have an Internet Filter deployed just in case a malicious email gets through and a user or executive clicks on a link. Internet Filter protection redirects the URL and detonates the link in a secure sandbox, before putting your endpoints at risk. The Internet Filter can also be used to block undesired websites, with a myriad of configurable options under a policy.
If you’re like most IT managers or business owners, you know protecting your business is critical. You can’t afford a loss. But, who has the time?
We know what it’s like to be so bogged down with day-to-day operations, that you don't have time to address these important layers of security.
That’s why Integotec was founded — to help businesses overcome technology challenges, save you time and money, and protect you from cyber threats.
Ready to take action now and start protecting your endpoints and users? Give us a call at (541) 527-4460. We’d love to help.