If there’s one thing that small business owners learn to live with, it’s risk. From the controllable (like who you hire and how you train them) to the uncontrollable (supply chain issues or an economic downturn), risk is an unavoidable piece of the business puzzle.
The good news? According to the experts at Vantage Bank, educating yourself and your team is the best course of action, especially when it comes to cybersecurity and Business Email Compromise scams.
What is a Business Email Compromise (BEC) scam?
Before we lose you to the lingo — hear us out. The tech might be complicated, but how BECs work is simple: The scammer hacks or mimics the email of your coworkers, vendors, or authority figures to trick you into sending along money or sensitive information — totally bypassing your normal safeguards.
As part of its community service and commitment, Vantage Bank constantly studies how cybersecurity scams like BECs evolve. Here are their top four tips for spotting a potential BEC:
1. Look for red flags, and don’t be afraid to ask questions.
Think: Does the sender’s address look off? Are there typos or odd phrases? Are they urgently requesting a funds transfer, account change, or sensitive information?
2. Verify the request with information on file.
If you think you see red flags, slow down and take the time to call your client or vendor using your personally verified contact information. Never use the contact information in the email.
3. Consider if the sender was hacked.
A hacked sender’s domain may still look genuine, and the details can be hard to catch. Don’t automatically trust the email address, especially if there’s a strange payment request.
4. Show it to someone you trust.
Confirm your suspicions with a second opinion, ideally from someone with a cybersecurity background.
Want more info on how to prevent your email from being compromised and used in a BEC scam? We’ve got you.
How to protect your email
- Only submit sensitive information to encrypted websites. If you’re not sure whether it’s encrypted, check for the padlock icon to the left of the website address, and whether the address URL contains “https://”
- Always log off password protected websites. Locking your workstation when you step away is a good idea, too.
- Create strong passwords. The Vantage Bank team suggests a combination of lowercase letters, capital letters, numbers +special characters.
- Beware of links in unsolicited emails and texts. A good rule of thumb here: When in doubt, don’t click.
Last tip: Knowledge is power, so host regular security training for your employees, too. We’re probably biased, but sending them this article could be a good place to start. 👀 *
