Today companies are facing complex threats to email security. According to the FBI's Internet Crime Complaint Center, the most costly form of cyber crime is a sophisticated type of fraud know as the Business Email Compromise, or BEC.
The BEC scam targets businesses working with foreign suppliers and/or businesses that regularly perform wire transfer payments. The scam is carried out by compromising legitimate business email accounts through social engineering or computer intrusion techniques to conduct unauthorized transfers of funds.*
Here are a few tips to help protect your business' email:
- Enable multi-factor authentication (MFA)
- Use strong & unique passwords and change them on a regular basis
- Make sure your information security or IT contact is monitoring access logs and looking for login attempts from unusual locations
- Restrict access to your system via IP whitelisting, geo-blocking, and/or VPN. Don’t leave the system open worldwide for access by anyone
- Microsoft Office 365 users should run the Microsoft secure score tool to identify security gaps
- Run up-to-date anti-virus suites to help detect credential stealers
- Keep your systems and applications patched
- Leverage email or file encryption for sensitive data or communications
- Educate employees about how to spot suspicious emails and what to do if they suspect a compromise
- Ask your information security or IT contact what improvements they recommend
Additional information about fraud protection can be found at our online Security & Fraud Center.
*Federal Bureau of Investigation's Internet Crime Complaint Center