Email account compromise is on the rise! The goal of a scammer is to gain and abuse your trust. Trust is how fraudsters managed to compromise you and hundreds of others, racking up billions in financial losses in just a few years’ time.
How is this possible? Imagine receiving an email from your boss asking you to wire money to someone or requesting highly sensitive information. How likely are you to engage and comply with the request? The same is true in your personal life. If you get an email from a close friend or family member claiming they are stuck in a foreign country and need money, what do you do?
Read below to learn how to prevent email account compromise from happening to you.
- Always verify the source. Requests for money or sensitive information should be handled cautiously, and with a degree of skepticism.
- Vocally confirm those requests. Even if you’re 99% sure the request is legitimate, there’s no harm in confirming it and avoiding that 1% chance that you are wrong.
- Be cautious on social media. Limit the amount of information you share and consider maxing out privacy settings. Cyber criminals use social media for data mining their targets.
- Learn to spot phishing emails. Common signs of phishing attacks include bad grammar, poor spelling, awkward phrasing, sense of urgency, and threatening language.
- Participate in awareness training. Every employee, from C-level to reception, benefits from awareness training!
- Remember that high-level access creates high-level risk. C-suites, managers, and executives need to be extra cautious in every aspect of their work and personal lives, since they are the number one target.
- Think before you click. Many of these attacks are made possible by someone clicking on something they shouldn’t have.
- Use unique passwords. Using the same password for all of your applications and media logins, makes it easier for a criminal to compromise EVERYTHING. Never use the same password for online banking, email, or social media.
- Always follow policy. No matter what, follow our organization’s policy at all times, and if you’re not sure about something, please ask!
Do you have any lingering questions questions or concerns about cyber security? We are your partner in information security! Don't hesitate to contact us and find out how the Pentucket Bank team can assist in meeting your cyber protection goals.
Senior Vice President - Risk and Information Security Officer