In 2018, the FBI estimated that scams resulting from business email compromise, such as fake invoices and wire fraud, had cost businesses $12bn globally since 2013. Business email compromise can hurt your brand, your pocket, and your customers pockets.
We are all fans on convenience and speed. Utilising invoicing software such as Xero and integrated payment facilities such as Pinch
Payment, will ensure a hacker cannot mislead customers and send them a fraudulent invoice and bank details asking for payment. Make it
practice to double check bank details from suppliers. Pick up the phone!
For a BEC attack to be launched a scammer must first successfully phish your email to gain access. Multi-factor authentication as
a security policy will make it much more difficult for a cyber criminal to gain access to yours or your employees’ email inboxes and
therefore harder for them to launch a BEC attack.
Cyber criminals will often use email spoofing to send emails that look like legitimate messages from a person of importance email. For small
business this is often the owner or director. Running regular checks on your organization’s “spoofability” with something like KnowBe4’s Domain Spoof Test will
help you see how vulnerable your company is to email spoofing.
Regularly educate yourself and your employees about cybercrime. The Australian government offer great resources about how to stay safe online. They also provide information on the latest threats and how to respond if you are compromised.