Michael Kahn

Business Solutions Group has been serving the Mt. Prospect area since 2009, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Tip of the Week: How to Protect Yourself from Invoice Impersonation

Tip of the Week: How to Protect Yourself from Invoice Impersonation

As cybercriminals become increasingly sophisticated in their methods of attack, it is important that your staff--the ones on the front lines--are educated to spot these attempts and know what to do if one is encountered. In order to spot these attacks, it is important to know what to look for.

Unfortunately, the increased sophistication of these attacks have made them harder to spot and resultantly, harder to avoid. This has led to a rise in the use of an attack vector known as an invoice impersonation attack. When utilizing these attacks, a cybercriminal will send a message under an assumed name (often one that belongs to a regular contact in actuality) that includes an invoice number and a link, presumably to download the invoice.

However, rather than downloading the invoice, as expected, the target of an attack will discover that they have actually downloaded some malware. This is often how ransomware is introduced into a system.

Warning Signs
To avoid falling victim to an invoice impersonation attack--or any form of email phishing or fraud--your users should know to keep their eyes out for any warning signs.

Messages containing a payment request and link
One of the bigger security issues with the concept of email is the fact that most users can only take it on good faith that the message comes from the person it appears to have. There is no voice to identify as someone else’s, and no handwriting to compare to the actual person’s.

Therefore, if an email comes from someone with a request for payments to be made, with a link to what is claimed to be a payment portal, don’t click. You might have just dodged a ransomware program delivered via a phishing attempt.

How to Protect Your Business (with the Help of Your Employees)
Phishing attacks, including invoice impersonation attacks, rely on their target to trust the content enough to not question if the sender is who they say they are. As such, they can be avoided with a little mindfulness on the part of your employees.

Make sure your employees know to keep an eye out for risk factors. Requiring regular training sessions as well as testing their cybersecurity mindfulness will help to keep awareness alive and well among your staff members.

Furthermore, you should have updated spam filters and malware blockers installed to help minimize the risk that these messages even make it to your staff in the first place. This is where Business Solutions Group can help.

If you’re interested in the solutions we have that can help make cyberthreats a non-issue, give us a call at 866.546.1004.

 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Sunday, 20 January 2019
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Newsletter Sign Up

  • First Name *
  • Last Name *

      Mobile? Grab this Article!

      QR-Code dieser Seite

      Blog Archive

      Recent Comments

      Businesses that Value Mobility Will Want to Adopt 2-in-1 Devices
      19 January 2019
      Your blogs further more each else volume is so entertaining further serviceable It appoints me befal...
      Charity Scams Are Very Real. Here’s How To Dodge Them
      09 December 2018
      Your blogs further more each else volume is so entertaining further serviceable It appoints me befal...
      Charity Scams Are Very Real. Here’s How To Dodge Them
      08 December 2018
      To say the truth I am very impressed by what you told. You share tons of interesting info, neat and ...
      Charity Scams Are Very Real. Here’s How To Dodge Them
      07 December 2018
      Thank you for the sensible critique. Me & my neighbour were preparing to do some research about that...
      Charity Scams Are Very Real. Here’s How To Dodge Them
      06 December 2018
      I was very impressed by this post, this site has always been pleasant news Thank you very much for s...

      Upcoming Events

      No events