Bredy Network Management Corporation Blogs

BNMC has been serving the Andover area since 1988, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Tip of the Week: How to Protect Yourself from Invoice Impersonation

Tip of the Week: How to Protect Yourself from Invoice Impersonation

As cybercriminals become increasingly sophisticated in their methods of attack, it is important that your staff--the ones on the front lines--are educated to spot these attempts and know what to do if one is encountered. In order to spot these attacks, it is important to know what to look for.

Unfortunately, the increased sophistication of these attacks have made them harder to spot and resultantly, harder to avoid. This has led to a rise in the use of an attack vector known as an invoice impersonation attack. When utilizing these attacks, a cybercriminal will send a message under an assumed name (often one that belongs to a regular contact in actuality) that includes an invoice number and a link, presumably to download the invoice.

However, rather than downloading the invoice, as expected, the target of an attack will discover that they have actually downloaded some malware. This is often how ransomware is introduced into a system.

Warning Signs
To avoid falling victim to an invoice impersonation attack--or any form of email phishing or fraud--your users should know to keep their eyes out for any warning signs.

Messages containing a payment request and link
One of the bigger security issues with the concept of email is the fact that most users can only take it on good faith that the message comes from the person it appears to have. There is no voice to identify as someone else’s, and no handwriting to compare to the actual person’s.

Therefore, if an email comes from someone with a request for payments to be made, with a link to what is claimed to be a payment portal, don’t click. You might have just dodged a ransomware program delivered via a phishing attempt.

How to Protect Your Business (with the Help of Your Employees)
Phishing attacks, including invoice impersonation attacks, rely on their target to trust the content enough to not question if the sender is who they say they are. As such, they can be avoided with a little mindfulness on the part of your employees.

Make sure your employees know to keep an eye out for risk factors. Requiring regular training sessions as well as testing their cybersecurity mindfulness will help to keep awareness alive and well among your staff members.

Furthermore, you should have updated spam filters and malware blockers installed to help minimize the risk that these messages even make it to your staff in the first place. This is where BNMC can help.

If you’re interested in the solutions we have that can help make cyberthreats a non-issue, give us a call at 978-482-2020.



No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Monday, 19 March 2018
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Subscribe to Our Blog!

Mobile? Grab this Article!

Qr Code

Tag Cloud

Security Tip of the Week Best Practices Technology Cloud Email Privacy Malware Hackers Business Computing Software Internet Hosted Solutions Ransomware Microsoft Android IT Services Network Security Business Google Computer Backup Mobile Devices Smartphone Windows Data Management Small Business Windows 10 Innovation Internet of Things App Artificial Intelligence Hardware Cloud Computing Encryption Server Data Business Continuity Browser Office 365 Managed Service Provider Business Management Data Recovery Efficiency Saving Money IT Support Tip of the week Productivity Managed IT Services Remote Monitoring Phishing User Tips Outsourced IT Gmail Smartphones Facebook Risk Management Word Windows 10 Robot Productivity Google Drive Cybersecurity Upgrade Chrome Settings Vulnerability IT Support Infrastructure IT Management Data storage Money Office Tips Big Data Antivirus Communication Apple LiFi HIPAA SaaS Storage Administration Mobile Security Holiday Data loss Content Filtering Telephone Systems Business Technology Alert Analytics Firewall Computing Network Two-factor Authentication Employer-Employee Relationship End of Support Scam Government Hosted Solution Bandwidth Unified Threat Management Workplace Tips VPN Data Security Microsoft Office BYOD Managed IT Services YouTube Server Management Virtual Private Network Social Media Maintenance communications Outlook Monitors Save Money Disaster Recovery Automation Passwords Mouse Mobile Device Virtual Reality Miscellaneous Data Backup Printer Marketing Time Management WannaCry Google Maps Black Friday Search Bitcoin Printing Emergency Writing Applications Access Control Network Management Legal Cyber Monday Dark Data Windows 8 Retail desktop IT solutions Hotspot IT Technicians SharePoint Politics Touchscreen Digital Smart Technology Collaboration Managed IT Customer Service Lenovo Office Samsung Language Running Cable Mirgation Document Management Buisness Downloads Vendor Management Tech Support Operating System Spyware Social Virtual Desktop Distributed Denial of Service File Sharing Shortcut Laptop Superfish Social Engineering Information Technology Solid State Drive Computing Infrastructure Deep Learning Chatbots Identity Theft Websites Best Practice Managed IT Service Patch Management Safety Customer Relationship Management Hard Disk Drive Spam Alerts Bring Your Own Device Identity Downtime Multi-Factor Security Heating/Cooling Google Docs Hacks Cabling Break Fix Network Congestion Networking Gadgets Google Wallet Licensing Tech Term Google Calendar Wi-Fi Servers Business Growth How To Password Dark Web Computers Halloween Users Drones Apps Cooperation Firefox Compliance Digital Payment Legislation Hacker Disaster Education Microsoft Excel Display Scary Stories Techology Quick Tips Staff Regulations Website Tablet Statistics Alt Codes Uninterrupted Power Supply Blockchain Mail Merge Computer Care Sports Unified Threat Management VoIP Budget IBM Unified Communications Augmented Reality Wireless Comparison Bluetooth Humor Typing Current Events Permissions The Internet of Things Address Training User Error Avoiding Downtime Corporate Profile Wearable Technology Specifications Automobile VoIP Cryptocurrency Going Green Dell WiFi Fraud Remote Computing Paperless Office Cybercrime Staffing 3D Printing Administrator Processors what was your? Web Server GPS Unsupported Software Update Cameras Tracking Mobile Data Recovery CCTV Chromebook Notifications Physical Security Emoji Travel Crowdsourcing G Suite Supercomputer Personal Information Botnet CrashOverride Cortana Motion Sickness Taxes IT Budget Machine Learning Virtualization IT Consultant Computer Repair Relocation Mobile Device Management Meetings Cleaning How To Work/Life Balance Health Private Cloud Mobile Computing Black Market Webcam Law Enforcement Electronic Medical Records Error Ben McDonald shares Twitter Point of Sale Upgrades Gadget

Sign up for our Newsletter!

  • Company Name *
  • First Name *
  • Last Name *

      What Our Clients Say

      • BNMC has provided us with nothing less than outstanding service and results for all of our IT needs for the past few years. Every member of their staff is professional, knowledgeable, friendly and eager to solve any problem...
      • 1
      • 2
      • 3