Many scams target finance execs in smaller businesses.
22 November 2024
Rising Stars Awards 2024
Recognising the rising stars in the accounting industryThe inaugural Rising Stars Awards 2024 hosted by Accountants...
KNOW MOREMany scams target finance execs in smaller businesses.
Email attacks on businesses are up 84 per cent and SMEs are more likely to be on the receiving end, according to the latest survey.
The Email Threat Report H1 2022, by security specialist Abnormal, showed companies with 500-1,500 staff get more attacks per mailbox as scammers target specific business roles, usually executives in finance.
The report also identified a growing trend of emails “that encouraged recipients to do something unexpected – pick up their phone and call the scammers”.
They use a variety of scare tactics, such as pending charge, and if the recipient phones the number in the email they are directed to a dodgy website to download a file containing seed malware.
One cyber-security expert said fraudsters were getting smarter to combat the familiarisation of fake email links.
“Today, cybercriminals use highly sophisticated strategies to trick their victims into revealing sensitive information, sending money, or even giving access to their employer’s computer systems,” said Oliver Noble of NordLocker, an encrypted cloud storage service provider.
“One of the most dangerous cyber threats to a business is social engineering, which occurs when hackers exploit human psychology to gain benefit. Unluckily, human error remains the most common reason for cybersecurity breaches.”
He said irreparable damage could occur when just one well-constructed email was opened and acted upon by a vulnerable employee.
“The overwhelming amount of online communication has been causing many employees to be more distracted and less cautious about which emails they open and which links they click on,” he said.
“Business email compromise attacks usually impersonate a trusted colleague or even the head of a company, a partner, or a well-known service provider to convince a recipient to engage in actions such as revealing confidential data, paying fake invoices, giving away their login credentials on a bogus webpage, or deploying malicious software, such as ransomware, on the victim’s infrastructure.”
Mr Noble suggested five steps businesses should take to combat dangerous emails:
You are not authorised to post comments.
Comments will undergo moderation before they get published.