You’re no stranger to solving complex puzzles when it comes to your business. But staying protected against common scams and cyber attack threats shouldn’t leave you stumped. Here are six tried and tested steps to keep your business (and your revenue) safe from would-be hackers.
Implement robust employee training
Train employees to recognise and resist business email compromise attempts, emphasising the importance of carefully scrutinising unusual requests. For example:
When vendors or suppliers request changes to account details:
If the request is from a vendor, check for changes in business practices, such as:
Beyond this, it should be standard procedure to implement multi-factor authentication (MFA), regularly complete anti-fraud and anti-phishing training, and forward any suspicious emails or financial requests to the relevant team.
Avoid password recycling
No, “Password123” isn’t going to cut it here. Ensure your employees have a clear understanding of good password practices, including the importance of using unique passwords for different accounts. Using a password manager can help employees create, manage, and store strong, unique passwords.
Recognise the signs
“Hello [name] it’s your boss here , pls send me account details for urgent transaction.” You’ve probably been sent more than one message like this in your career – but not all scams are so easy to spot.
Train employees to identify spoofed domain names, misspelt subdomains, or suspicious links. And always encourage them to verify unusual or secretive requests through another communication platform or via the relevant team.
Keep an eye out
You can’t catch what you’re not looking for. Remember to actively monitor for signs of compromise early, as financial losses may not be noticed immediately.
You can do this by restricting login attempts, setting alerts for multiple failed MFA prompts, and monitoring changes to logging and configuration, such as unusual rule changes or new forwarding rules, which can indicate business email compromise activity.
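As an added illustration (not code from the original article), here is a sketch of the two alerts described above: a burst of failed MFA prompts for one user, and a new mailbox rule that forwards mail outside the organisation. The event field names, the `example.com` internal domain, and the threshold and window values are assumptions; map them to whatever your identity provider and mail platform actually log.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed policy values and field names (hypothetical, not any product's log schema).
INTERNAL_DOMAINS = {"example.com"}
MFA_FAIL_THRESHOLD = 3
MFA_WINDOW = timedelta(minutes=10)

# Constructed sample events for illustration only.
EVENTS = [
    {"ts": "2024-05-01T09:00:00", "user": "amy", "type": "mfa_prompt", "result": "denied"},
    {"ts": "2024-05-01T09:02:00", "user": "amy", "type": "mfa_prompt", "result": "denied"},
    {"ts": "2024-05-01T09:03:00", "user": "bob", "type": "mfa_prompt", "result": "denied"},
    {"ts": "2024-05-01T09:04:00", "user": "amy", "type": "mfa_prompt", "result": "denied"},
    {"ts": "2024-05-01T09:30:00", "user": "bob", "type": "mfa_prompt", "result": "denied"},
    {"ts": "2024-05-01T09:31:00", "user": "amy", "type": "inbox_rule_created",
     "forward_to": "archive@example.net"},
    {"ts": "2024-05-01T09:40:00", "user": "bob", "type": "inbox_rule_created",
     "forward_to": "bob.assistant@example.com"},
    {"ts": "2024-05-01T09:45:00", "user": "cat", "type": "inbox_rule_created",
     "forward_to": "cat@example.com.attacker.invalid"},
]

def is_external(address):
    """True unless the part after the last '@' exactly matches an internal domain."""
    domain = address.rsplit("@", 1)[-1].strip().lower().rstrip(".")
    return domain not in INTERNAL_DOMAINS

def detect(events):
    """Return (timestamp, user, reason) alerts for MFA failure bursts and external forwards."""
    alerts, recent = [], defaultdict(deque)
    for ev in sorted(events, key=lambda e: e["ts"]):
        ts = datetime.fromisoformat(ev["ts"])
        if ev["type"] == "mfa_prompt" and ev["result"] != "approved":
            window = recent[ev["user"]]
            window.append(ts)
            while ts - window[0] > MFA_WINDOW:     # drop failures older than the window
                window.popleft()
            if len(window) == MFA_FAIL_THRESHOLD:  # alert once as the threshold is reached
                alerts.append((ev["ts"], ev["user"], "mfa_failure_burst"))
        elif ev["type"] == "inbox_rule_created":
            target = ev.get("forward_to")
            if target and is_external(target):
                alerts.append((ev["ts"], ev["user"], "external_forwarding_rule"))
    return alerts

if __name__ == "__main__":
    for alert in detect(EVENTS):
        print(*alert)
```

The exact-match domain check matters: a forwarding address that merely contains the company domain, like the last constructed event, is still flagged as external.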
Improve email security
Main inbox filling up with spam? Time to up the ante.
And of course, make sure you’ve got the right Cyber Insurance in place should the worst happen…
Send would-be hackers packing.
While we all wish we could wave a magic wand and banish scammers to a far corner of the internet, it’s not quite that simple. But by providing your team with the right training, implementing robust MFA policies, and having sufficient insurance in place, you’re on your way to a scam-free inbox.
Unsure whether your business is compliant with the current data protection laws and regulations? Get in touch with RiskBox to check you’re covered.