Categories
Cloud Services IT Security

Red Flags: How to Spot a Business Email Compromise Scam

Simplicity and high returns—these sum up why Business Email Compromise schemes are attractive to cybercriminals. True enough, this attack vector has been greatly exploited, as evidenced by the amount of money that victims lost to it in 2016. According to a report by the FBI released in May 2016, victims lost $3 billion to BEC scams. In 2017, we predict that BEC will remain a prominent threat and will be used in more targeted scams.

One of the types of BEC scams is CEO fraud, wherein the perpetrators spoof or hack into the e-mail of an organization’s executive in order to initiate a fund transfer to their own accounts. While, it’s not technically sophisticated, organizations should step up their defenses against this type of scheme, and one of the ways is being able to identify the signs that an e-mail message is being used in CEO fraud. Here’s what you should watch out for to keep the threat at bay:

bec-red-flags

A spoofed sender domain

CEO fraudsters usually register a domain similar to its target. If the target e-mail is name@company.com, a scammer may use a variation such as name@company.au.net or slightly change the spelling into name@cmpny.com.

An urgent e-mail subject requesting immediate fund transfers

Based on our detections, BEC scams typically use subject lines that imply urgency regarding payment inquiries or fund transfers such as:

  • Payment  – Important
  • Payment Notice
  • Process Payment
  • Quick Request
  • Fund Payment Reminder
  • Wire Transfer Request
  • Bank Transfer Enquiry

Position of the e-mail sender

Cybercriminals employing CEO fraud typically pose as someone influential in an organization. Based on our data, e-mails used in BEC usually appear as if they came from the Founder and President, COO, CEO, and Chief Executive.

Body of the E-mail

In CEO fraud, scammers make it appear as if the fund transfer is urgently needed and should be executed as soon as possible. In addition, pay attention to e-mails asking for fund or wire transfers to an account that’s different from ones normally used for that specific transaction.

A message may appear out of place or it may be timely as BEC scammers use social engineering tactics in order to create believable messages, hoping to persuade victims to just act on the supposed request without verifying it. That’s why it’s always important to err on the side of caution, especially when corresponding over e-mail regarding matters involving funds, payments, transfers, and other crucial information.

BEC Safety Tips

While these red flags seem obvious, in most cases, they are harder to identify. BEC perpetrators design emails to be as realistic as possible. For instance, email domains may be spoofed to mimic the ones used by the target organization or those used by legitimate companies. Scammers also use social engineering and other information gathering methods to be more familiar with the ins and outs of an organization.

Aside from being on the lookout for these signs, here are tips on how you can further protect your organization from BEC:

  • Always verify. It always pays to confirm details with the parties involved, especially when it comes to messages that involve fund transfers. It’s also important to note that some BEC schemes are employed using a hacked account, which further stresses the need for protocols that include verification other than email. Non-email methods may include communicating via phone, text messaging, and chat programs or applications.
  • Instead of clicking on Reply, use the Forward feature and type in or select from your contacts list the e-mail address of the person you’re replying to. This is to ensure that you are not replying to a spoofed address.
  • Have mail security solutions in place. The tricky part with e-mails used in BEC scams is they don’t necessarily carry a malicious payload. With that being said, it’s advisable to go for solutions that not only detect dangerous attachments but also have social engineering correlations and a context-aware approach to email detections.

The naked eye can only do so much in trying to spot a BEC e-mail, and having email security solutions can help greatly in thwarting BEC schemes.

Credit: Trend Micro https://www.trendmicro.com/

Categories
Cloud Services

Office 365 in 2023: New Features to Enhance Productivity, Collaboration, and Security

Office 365 has been a go-to productivity suite for millions of people worldwide. It offers an array of features that make everyday tasks such as document creation, email management, and scheduling appointments much easier. As technology continues to advance, Microsoft is always looking for ways to improve its product, and 2023 is no exception. Here are some of the new features coming to Office 365 in 2023.

  1. Enhanced Collaboration Tools Office 365 has always been known for its collaborative features, but Microsoft is taking it up a notch with the introduction of new and improved tools. Users will now have the ability to co-author documents in real time, make comments, and provide feedback to their colleagues. The enhanced collaboration tools are designed to streamline communication and increase productivity.
  2. Improved Security Features Security is a top priority for businesses, and Microsoft is addressing this concern by introducing new security features. One of the new features is the ability to restrict access to files and folders based on user roles, which is particularly useful in organizations with multiple departments. Additionally, Office 365 will offer more granular control over user permissions to minimize the risk of data breaches.
  3. AI-Assisted Productivity Tools Artificial intelligence (AI) is becoming increasingly prevalent in modern-day applications, and Office 365 is no exception. Microsoft is integrating AI-assisted productivity tools such as Cortana and Microsoft Graph into Office 365. These tools will help users automate repetitive tasks, manage their schedules, and find relevant information faster.
  4. New Data Management Capabilities Microsoft is adding new data management capabilities to Office 365 to make it easier to work with data. These features include improved data visualization tools, advanced data analysis capabilities, and a new data insights service. These tools are designed to help users extract meaningful insights from their data and make informed business decisions.
  5. Enhanced Mobile Experience Office 365 has always been available on mobile devices, but Microsoft is making significant improvements to the mobile experience. The company is introducing a new mobile app that will combine all Office 365 applications into a single, easy-to-use interface. Additionally, the new app will feature improved touch and gesture controls to make it easier to use on mobile devices.

Microsoft is continuously improving Office 365 to meet the changing needs of businesses and individuals. The new features coming in 2023 will make it easier to collaborate, increase security, boost productivity, manage data, and work on mobile devices. These features will undoubtedly enhance the overall user experience and make Office 365 an even more powerful productivity suite.

Categories
Cloud Services Security

Common security issues from fake emails

CEO Fraud Scams and Invoice Redirect Scams are two common types of cyber scams that have been on the rise in recent years. These scams can be particularly damaging to businesses, as they can result in significant financial losses. In this blog post, we will discuss these scams in more detail and provide tips on how to prevent them, specifically in the European or Irish market.

CEO Fraud Scams: CEO Fraud Scams, also known as Business Email Compromise (BEC) scams, involve criminals impersonating a CEO or another senior executive of a company to trick employees into making fraudulent payments. These scams can take many forms, including fake invoice requests, requests for wire transfers, or requests for employee payroll information.

To prevent CEO Fraud Scams in the European or Irish market, businesses should:

  • Train employees: Educate your employees on the dangers of these scams and how to identify them. Teach them to verify requests through a separate channel before making any payments.
  • Implement strict verification procedures: Implement strict verification procedures for all payment requests, including requiring multiple levels of approval and verification by phone or in person.
  • Limit access to sensitive information: Limit access to sensitive information, such as employee payroll information and financial records, to only those who need it to perform their job duties.

Invoice Redirect Scams: Invoice Redirect Scams involve criminals impersonating a supplier or vendor and sending a fake invoice to a business, requesting payment to a different bank account. These scams can be particularly effective as they appear to be legitimate and often use realistic-looking logos and branding.

To prevent Invoice Redirect Scams in the European or Irish market, businesses should:

  • Verify all payment requests: Before making any payments, verify the authenticity of the invoice and the payment instructions by contacting the supplier or vendor directly using a known phone number or email address.
  • Implement two-factor authentication: Implement two-factor authentication for all online payments, requiring an additional verification step to prevent unauthorized access to payment systems.
  • Monitor financial accounts: Regularly monitor your business’s financial accounts for any suspicious activity, such as unauthorized payments or transfers.

In conclusion, CEO Fraud Scams and Invoice Redirect Scams are two common types of cyber scams that businesses in the European or Irish market should be aware of. By implementing the prevention tips outlined in this blog post, businesses can protect themselves from these scams and prevent financial losses. Remember to stay vigilant, educate your employees, and verify all payment requests to keep your business safe.

Categories
Cloud Services

SME’s and using IT Cloud Services

Cloud services have become an essential part of the modern business landscape, and for good reason. These services provide a cost-effective, scalable, and flexible way for small and medium-sized businesses (SMBs) to access the tools and resources they need to succeed.

One of the main benefits of cloud services for SMBs is the ability to pay for only the resources you use. Rather than investing in expensive hardware and software upfront, you can access the tools and services you need on a pay-as-you-go basis. This can help reduce upfront costs and allow you to better control your budget.

Another key advantage of cloud services is the ability to scale up or down as needed. If you experience a sudden increase in demand, you can easily add more resources to your cloud environment to meet the demand. This is particularly useful for SMBs that might not have the budget or resources to invest in additional hardware and software upfront.

Cloud services also offer a level of flexibility and mobility that is hard to beat. With the ability to access your tools and resources from anywhere with an internet connection, you can work from anywhere, at any time. This can help improve productivity and allow you to better serve your customers.

There are a wide variety of cloud services available to SMBs, including cloud storage, cloud computing, and cloud-based business applications. By leveraging the power of the cloud, SMBs can gain a competitive advantage and better position themselves for success in the modern business landscape. So, it is always a good idea for small medium businesses to consider cloud services as a viable option for their operations.

Remote Support

Remote Access to your PC
60
00
+ VAT
  • Inital Check
  • Up to 40 mins
  • List Item #3
Popular

Remote Support

Remote Access to your PC
90
00
+ VAT
  • Inital Check
  • Up to 80 mins
  • List Item #3

Remote Support

Remote Access to your PC
120 + VAT
  • Inital Check
  • Up to 120 mins
  • List Item #3
Popular

Remote Support

Remote Access to your PC
160
00
+ VAT
  • Inital Check
  • Up to 40 mins
  • List Item #3