Security - Taking Care of Business

What if a bank took protecting your business as seriously as you do? Welcome to the fraud squad.

Your business's best defense against fraud is YOU – we encourage you to learn as much as you can so that you can recognize red flags and fight fraud. A quick tip is to be more suspicious... Ask questions about unsolicited emails containing links or attachments, verify requests for information, and confirm changes to existing data. Protecting your business is the best way to continue taking care of business.

Learn more about fraud and scams at one of our community fraud seminars!

Business Email Compromise

Email accounts, both personal and business, are often targeted by scammers as a way of taking over your computer or device, installing hidden spyware, or tricking you into giving up your personal identifying information. Some hackers may try to take over your accounts altogether.

Fraudulent emails may seem to come from reputable sites but carry bad links taking you to fake login sites or attachments that install unwanted software. These bad emails will often have typos or a sense of urgency and could target a business or an individual.

Stay alert to warning signs that your business email accounts are at risk:

• Emails with typos in the sender, body, or links.
• Unsolicited emails asking you to update or verify account information.
• You can't log into your email account.
• Your Sent folder has messages you didn't send or has been emptied.
• Customers, employees, friends, or family are getting emails you didn't send, sometimes with random links, fake invoices, or fake please for help or money.

Some ways to protect your business email accounts are:

• Use strong passwords for your accounts and turn on multi-factor authentication.
• Never give out your username and password.
• Install and update security software, use a firewall, and enable automatic updates on the security of your devices.
• Regularly check your accounts settings:
  • Check your email signature for unfamiliar links.
  • Check for and delete any "rules" you didn't set up on your email accounts like automatic forwarding.
• Review your email Sent, Trash, and Deleted folders regularly for emails you don't recognize.

Here are some tips to safely use business email accounts.

Business Email Compromise Online Privacy and Security Phishing Scams

Ransomware

Scammers have developed a malicious software, or computer virus, designed to encrypt data and prevent you from accessing your computer system or files until you pay a ransom to get an unlock code. Most often, you unknowingly download ransomware by opening an unsolicited email attachment, clicking an ad, following an unknown link, or even visiting an infected website. Learn more about ransomware with this FBI resource page.

Ransomware is effective because it instills fear and panic, causing you to pay the ransom. Ransomware can lead to many negative consequences, including temporary or permanent loss of information, operational disruption, financial loss, and potential reputational harm.

Want to work to prevent a ransomware attack? Here are some options for you and your business.

• Back up your data and keep it secured. Don't store it on the same network or system.
• Use the most current versions of operating systems, software, and applications and keep them up to date.
• Use anti-virus software and set it to automatically update and run regular scans.
• Don't click on unsolicited links or attachments in emails.

You won't know if you're infected with ransomware unless you're no longer able to access your data or you start to get computer messages about the attack with payment demands. If you believe your system is infected with ransomware,

• Disconnect from all networks - Unplug ethernet cables and disable Wi-Fi or any other network adapters.
• Disconnect external devices immediately - Disconnect USB drives or memory sticks, cell phones, cameras, external hard drives, or any other devices that could also become compromised.
• Report the incident - Contact your local FBI field office, submit a tip online, or file a report with the FBI's Internet Crime Complaint Center (IC3).

You have a partner in the FBI to fight ransomware attacks.

Ransomware

Payroll Diversion Scam

Payroll diversion is a type of payroll fraud where cybercriminals impersonate actual employees by sending phishing emails or calling human resources and payroll practitioners to request changes to existing direct deposit information. Should you follow through with the false request, the employee's payroll is deposited to the criminal's account rather than paid to the employee.

You can avoid falling for this scam by confirming payroll direct deposit changes with the employee directly - by phone, in person, or via a new email. If you receive a phone call asking for a change, don't give out any information to the caller without validating their identity. Never click on any links or open any attachments in messages you aren't expecting.

To report payroll diversion fraud, talk to your human resources or payroll processing representative and contact your local FBI field office, submit a tip online, or file a report with the FBI's Internet Crime Complaint Center (IC3).

The FBI has these recommendations to prevent payroll diversion.

Payroll Diversion

We'd be a terrible business partner if we didn't mention that we've got services available to help you mitigate fraud on your accounts. If you'd like, we can give you information to make the best decisions for your business needs. Let us know if you'd like to chat!

Don't forget to maintain a good work-life balance... learn about protecting YOU with these links (don't worry, we verified them for you).

Our Security Your Security Common Scams Your Resources REPORT FRAUD

Takin' care of business every day in every way... Contact us if you have questions or comments.