The FBI Elegantly Asks You to Stop Sending Money to Internet Criminals.
We are now in the 16th annual National Cybersecurity Awareness Month, a collaborative effort by the US Government and participating industry groups to educate all computer users enough so that they stop clicking those pesky links that download viruses and stop sending personal, health, employment, and tax information unencrypted.
What else do they suggest you stop doing? The FBI, DHS, industry groups, and Tech Essentials suggest you:
1. Stop paying fake invoices, mainly recommending that you and your team not use unencrypted and unauthenticated (a/k/a standard email) to approve invoices for payment.
Hint: Try setting up a business policy where you and your team know that all invoice approvals are only communicated by RMail encrypted email from certain sending addresses, in particular first-time vendor invoices and payment change requests.
2. Stop sending wire transfers with your money or client money to bad people, mainly recommending you and your team are not duped by very clever people posing as you or colleagues that lure the unsuspecting into sending money to the wrong people.
Hint: Try installing RMail Anti-Whaling email imposter detection not only on your computer, but importantly on the computers of your HR and finance staff.
3. Don’t automatically assume an email “From” name is an email from that named person, mainly recommending you look at the whole “from” email address and “from domain” to verify it is authentic and looking at the raw URL source of a link before clicking.
Hint: Try reminding your staff to most importantly examine the entire email address (not just the name, but the entire domain) to look for mismatches in names and domains, especially when using mobile devices. Hover a mouse over links before clicking to view the whole URL. And, try installing RMail Anti-Whaling email imposter detection.
4. Stop leaving breadcrumbs of your (or your HR, company, or client) private information all over the Internet, ready to be collected by bad people, mainly recommending you send important information RMail encrypted.
Hint: Try reminding your staff to encrypt all email that contains an attachment; assume any email important enough to have an attachment is an email that may contain sensitive information. Or even better, try automating this with a rule using RMail Gateway.
5. Avoid giving your important account log-in details to criminals, mainly recommending you not respond to unsolicited text message or email that asks you to update, check, or verify your account information.
Hint: While this seems obvious, consider if these unsolicited text message or email were not so successful as the entry point for Internet criminals, they would not bother sending them. They work; they trick many.
There are other recommendations that these government agencies and organizations have developed as part of National Cybersecurity Awareness Month to raise awareness about cybersecurity and stress the collective effort needed to stop cyber intrusions and online thefts and scams.
Try starting with the first five above. Share these with your staff, clients, and family and friends.
Try RMail free – click here.