facebook linkedin twitter

Tip of the Week: Protecting Your Company from Invoice Impersonation

Tip of the Week: Protecting Your Company from Invoice Impersonation

While you should be sure to keep yourself apprised of threats, it could be argued that it is even more important for your employees to be aware of them. After all, they are the ones utilizing your business’ workstations, software solutions, and even Internet-based apps to facilitate their daily duties. You need to make sure that your employees are able to spot attacks and react to them properly.

While many of today’s employees do have to undergo some sort of security training as part of their employment, the increased sophistication of these attacks makes them more difficult to spot; and, subsequently, harder to react to. One of the most common ways that this occurs is through invoice impersonation attacks. These attacks send customized emails under an assumed name--usually one that is a real-world contact--that includes a link to an online invoice, where the user can download the invoice.

Instead of downloading the invoice, the victim downloads malware to their device. Ransomware is often spread in this fashion, hoping that the victims will download the invoice in a state of panic, wondering what in the world they are being billed for.

Warning Signs
To keep yourself from being tricked by an invoice impersonation attack, or any other type of phishing email, the best route is to provide training and remain aware of the warning signs.

One of the most common ways a hacker will take advantage of email is by sending a message demanding payment, with a link to make things convenient for the user to do so. The problem with email is that the user is forced to take it on good faith that the message comes from the proper recipient. If it were a phone call, you might recognize that the voice is different from whoever should be calling, and if it were a handwritten message, you might notice a discrepancy--but with a message with no identity, it gets considerably more difficult to identify a falsified message.

If you ever receive an email claiming to be from someone who needs a payment from you, there’s a good chance that the link leading to a “payment portal” is just a link to a ransomware program or other type of threat.

Securing Your Business
Phishing attacks naturally rely on the victim trusting the impersonation, so you can take advantage of this opportunity to sow the seeds of distrust--that is, to train your employees to identify emails and distrust anything suspicious that they receive in their inboxes. Your employees should always be wary of risk factors, but they should also attend regular training sessions that test how much they remember about cybersecurity best practices.

You can also take it one step further by implementing spam filters, malware blockers, and other security solutions designed to prevent infections in the first place. If you minimize the chances that your employees are exposed to threats in the first place, they are less likely to make a mistake that has great ramifications for your network security.

Computerware can equip your business with enterprise-level security solutions designed to augment and maintain network security for small businesses. To learn more about how you can manage the risk associated with security threats, reach out to us at (703) 821-8200.

The Cloud: What Is Missing?
Is Your Mobile Data Safe?


No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Saturday, January 19, 2019

Captcha Image

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Security Tip of the Week Technology Best Practices Privacy Internet Cloud Software Business Computing Hackers Business Management Microsoft Data Workplace Tips Backup Managed Service Provider Productivity Hardware Business Network Security Saving Money Malware Email IT Services Hosted Solutions Efficiency IT Support Google Small Business Computer Quick Tips Mobile Devices User Tips Smartphones Gadgets Innovation Business Continuity Disaster Recovery Android Social Media Microsoft Office Mobile Office Virtualization Network VoIP Data Backup Mobile Device Management Server Collaboration Communication Smartphone Productivity Miscellaneous Data Recovery Ransomware Upgrade Windows 10 Tech Term Unified Threat Management Windows IT Support Facebook Holiday communications Remote Monitoring Operating System Passwords Managed IT services Cybersecurity Mobile Computing Vendor Management BYOD Apps Remote Computing Users WiFi Phishing BDR Marketing Mobile Device Analytics Automation The Internet of Things Apple Outsourced IT History Firewall Browser Internet of Things Save Money Alert Artificial Intelligence Data Management Managed IT Services App Encryption Big data IT Consultant Content Filtering Bandwidth Maintenance Going Green Printer Office Bring Your Own Device Health Antivirus Spam Gmail Outlook Hard Drives Windows 8 Cybercrime Best Practice Information Technology Saving Time Lithium-ion Battery Windows 10 Managed IT Virus Cost Management Tech Support Office 365 Help Desk Wireless Technology Budget Search Two-factor Authentication Cloud Computing Hiring/Firing Business Technology Blockchain Recovery Employer-Employee Relationship Computers VPN Travel IBM Hacking Training Update Access Control Phone System Money Document Management Government Managed Service SaaS Website Running Cable Proactive IT Law Enforcement Humor Compliance Intranet Twitter Data storage Education Information Risk Management Hard Drive Healthcare Administration Networking Legal Save Time Mobility Customer Service Regulations Applications It Management Disaster Company Culture Computing Patch Management Hosted Solution Computer Repair Data Loss End of Support iPhone Fax Server Scam Robot Social Networking Securty Word Machine Learning Data Breach Excel Value Telephone Systems Solid State Drive Password Cortana Digital Project Management Customer Relationship Management Black Market Augmented Reality Flexibility Hacker Websites PowerPoint Cryptocurrency Laptop File Sharing Business Growth Business Intelligence Google Maps User Current Events Digital Payment Social Router Downtime Social Engineering Paperless Office Wireless Data Security Avoiding Downtime Sports DDoS Comparison Tablet How To Storage Trending Private Cloud Mouse Download Conferencing Lifestyle Pain Points Programming Retail IT service Statistics Telephony Redundancy eWaste Network Congestion Microchip Taxes Monitoring Vendor Distributed Denial of Service Evernote Bluetooth Streaming Media Public Cloud Management Start Menu Tech Terms Gaming Console Processors Vulnerabilities USB Google Docs Identity Theft Mobile Technology Experience Text Messaging Presentation Net Neutrality Software as a Service Webcam Uninterrupted Power Supply Monitors Chrome Cleaning Office Tips Virtual Desktop Virtual Reality Specifications Safety Politics User Error Automobile Co-managed IT Emails Bitcoin Documents Data Protection YouTube Computer Accessories Chromebook Heating/Cooling Computing Infrastructure Hack Inbound Marketing Unified Communications Entertainment Settings Fiber-Optic Database Drones WannaCry Downloads Adminstration Pirating Information HTML LinkedIn Directions Rental Service Meetings Leadership PDF Corporate Profile SSID Cabling Mobile Security Dark Web Time Management Web Server Freedom of Information Telephone System Books Workers Software License Trends Best Available Keyboard Archive Health IT Wi-Fi Assessment Administrator SharePoint Multi-Factor Security Cost Permissions Language Skype Processing Fraud Tactics Best Practives Google Calendar Devices Domains Managed IT Service Supercomputer Tip of the week Music Point of Contact VoIP Worker UTM Content switches Writing Public Speaking Bookmark Touchscreen News Google Play Reading Knowledge Samsung Upselling IT Plan Enterprise Resource Planning Upgrades Shortcut Consultation Legislation Error Microserver email scam Addiction Entrepreneur G Suite Technology Tips Video Surveillance Accountants A.I. LiFi Troubleshooting Processor Employer Employee Relationship Virtual Assistant Environment Analytic Audit Licensing Multi-factor Authentication HIPAA Recycling Browsers Hacks Physical Security Fake News Saving ZTime Get More Done Product Reviews Security Cameras Relocation Tablets Migration Connected Devices Printer Server Deep Learning Competition User Tip Banking Botnet Data Warehousing Wireless Headphones Telephone Turn Key Electronic Payment Work/Life Balance Network Management Trojan Read Access Sync Debate Equifax Fleet Tracking Visible Light Communication Business Owner Memory Navigation Emergency Hard Drive Disposal Harddrive Computer Care GPS Device security MSP Organize IT consulting IP Address Data Analysis Notifications CCTV Microsoft Excel GDPR Reliable Computing Desktop Finance Application Device Management Business Metrics Google Drive Computer Malfunction Windows Server 2008 External Harddrive Nanotechnology Social Network Human Resources Business Cards Service Level Agreement CIO Content Management Spyware In Internet of Things Mobile Payment Startup Asset Tracking Advertising Flash Business Managemenet Tech Vulnerability Backup and Disaster Recovery Staffing Google Wallet Electricity Printing 3D Ebay Username Windows XP Fileless Malware Thin CLient Unified Threat Management Society Modem Scalability Gamification Webinar Digital Signature Displays online Currency Proxy Server Motion Sickness Windows 7 Smart Phones Screen Reader Customer Resource management Piracy Upload Teamwork Micrsooft Electronic Medical Records cache Television Smart Tech Distribution Term Messenger Tracking Managing Stress CrashOverride Regulation Cooperation Capital Medical IT Productuvuty 3D Printing Printers