Fake Invoice Email Scams and Office 365
WATCH VIDEO HERE
The fake invoice scam has been impacting an unbelievable amount of businesses lately costing £000’s every day.
Every other day there is a business hit with this type of attack and losing money to the bad guys. There are two ways this can happen. Either the attacker is impersonating one of your colleague or a supplier. The second way is your colleague’s or supplier’s email account got compromised. When the email account gets compromised they create a custom rule to forward all the emails from a certain sender to another email outside the organisation so that the recipient never sees them. In both cases, the attacker requests the funds to be transferred into a different bank than the normal bank. How to combat this?
First and foremost is the business process. Whenever there is a request to transfer funds to a new bank the sender should verify the bank details by calling the recipient. The simple and effective process would save millions of pounds to many UK businesses. We are assuming you are using Office 365 and a few other Office 365 technical measures that can help the recipient end are:
- Warn users of the external emails
- Create alerts when the forwarding rules are created
- Enforce 2-factor authentication
- Enable Anti-spoofing
- Educate your employees
These measures may sound rudimentary but there is a surprisingly large number of businesses that don’t have these in place and been a victim of this scam.
It is also a really good idea to consider going through the Cyber Essentials Certification that will ensure you have basic security controls in place before this happens to you.
We don't want this happening to your business. If you need any further help please reach out.
- How to get your cyber security budget approved by the board
- The TechForce Sponsorships
- How to start a career in the security industry
- Protecting your business in the cyber security era
- Secure Your Supply Chain
- Case study: British Airways Fined £183.4million for Data Breach
- The Silver Bullet in Cyber Security
- Is it a good idea to build your own Security Awareness Training platform?
- How to apply for the Cyber Essentials Voucher Scheme
- 5 things to consider when selecting a Security Awareness Training (SAT) platform
- 2 Years, Marmite and £600,000
- What is Business Email Compromise (BEC) and how to stop it
- Everything you need to know about Cyber Essentials
- Cyber Essentials Demystified
- How to choose a Security Awareness Platform
- How to pick the best Antivirus software for your business
- 6 Quick and Easy Email Security Tips for Dummies
- How to carry out a baseline email phishing test
- Hackers On Tour
- How to share passwords safely in your Small Business
- In the news - Warning. North Sea firms likely already attacked
- 10 Steps to Cyber Security
- 5 Reasons why you should consider having two monitors
- What is Email phishing & why you need security awareness training in your business
- 6 Top Tips to Prevent Cyber Attacks
- How to choose the best IT Service Provider for your business
- How to choose the best Antivirus software for your business
How to get your cyber security budget approved by the board
There’s a few ways to improve the approach to the company board that will significantly help to get them onboard with improving cyber security, especially when linking this to risk mitigation.More
The TechForce Sponsorships
Are you interested in kickstarting your career in cybersecurity? You could be eligible for funding towards the CompTIA Security+ exam, covering up to 100% of the exam cost.More
How to start a career in the security industry
There’s usually three ways into any job role. They are education, experience and self study. This post looks at how they work in the cyber and information security industry.More
Protecting your business in the cyber security era
Almost every day we hear reports of businesses being impacted by a lack of effective cyber security practices; often causing financial losses, reputational damage and productivity issues. This article tells you how to take actionMore
FOR LATEST UPDATES SUBSCRIBE HERE: