Tip of the Week: How to Protect Yourself from Invoice Impersonation

Tip of the Week: How to Protect Yourself from Invoice Impersonation

As cybercriminals become increasingly sophisticated in their methods of attack, it is important that your staff--the ones on the front lines--are educated to spot these attempts and know what to do if one is encountered. In order to spot these attacks, it is important to know what to look for.

Unfortunately, the increased sophistication of these attacks have made them harder to spot and resultantly, harder to avoid. This has led to a rise in the use of an attack vector known as an invoice impersonation attack. When utilizing these attacks, a cybercriminal will send a message under an assumed name (often one that belongs to a regular contact in actuality) that includes an invoice number and a link, presumably to download the invoice.

However, rather than downloading the invoice, as expected, the target of an attack will discover that they have actually downloaded some malware. This is often how ransomware is introduced into a system.

Warning Signs
To avoid falling victim to an invoice impersonation attack--or any form of email phishing or fraud--your users should know to keep their eyes out for any warning signs.

Messages containing a payment request and link
One of the bigger security issues with the concept of email is the fact that most users can only take it on good faith that the message comes from the person it appears to have. There is no voice to identify as someone else’s, and no handwriting to compare to the actual person’s.

Therefore, if an email comes from someone with a request for payments to be made, with a link to what is claimed to be a payment portal, don’t click. You might have just dodged a ransomware program delivered via a phishing attempt.

How to Protect Your Business (with the Help of Your Employees)
Phishing attacks, including invoice impersonation attacks, rely on their target to trust the content enough to not question if the sender is who they say they are. As such, they can be avoided with a little mindfulness on the part of your employees.

Make sure your employees know to keep an eye out for risk factors. Requiring regular training sessions as well as testing their cybersecurity mindfulness will help to keep awareness alive and well among your staff members.

Furthermore, you should have updated spam filters and malware blockers installed to help minimize the risk that these messages even make it to your staff in the first place. This is where BNMC can help.

If you’re interested in the solutions we have that can help make cyberthreats a non-issue, give us a call at 978-482-2020.



No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Sunday, September 23 2018

Captcha Image

Subscribe to Our Blog!

Mobile? Grab this Article!

Qr Code

Tag Cloud

Security Tip of the Week Best Practices Technology Cloud Privacy Email Malware Hackers Business Computing Software Network Security Microsoft Internet Computer Hosted Solutions Tech Term Google Business IT Services Ransomware Mobile Devices Small Business Managed IT Services Android Backup User Tips Smartphone Data Management Internet of Things IT Support Efficiency Saving Money Business Continuity Innovation Hardware Cloud Computing Data Recovery Windows Communication Data Data Backup Browser App Productivity Windows 10 Cybersecurity Facebook Server Business Management Managed IT Services Gmail Artificial Intelligence Remote Monitoring Encryption Passwords Smartphones Productivity Windows 10 Office 365 Chrome Managed Service Provider Analytics Tip of the week Phishing Infrastructure communications Microsoft Office Vulnerability Network Word Outsourced IT IT Support Money Applications Disaster Recovery Employer-Employee Relationship Bandwidth Content Filtering Upgrade Settings Government BYOD Antivirus YouTube Data storage Maintenance Risk Management Social Media Website Office Tips Save Money Robot IT Management Big Data Google Drive VoIP Paperless Office Virtual Reality Mouse Miscellaneous Company Culture SaaS Apple Two-factor Authentication Storage Unified Threat Management Managing Stress Data loss Telephone Systems Holiday Workplace Tips Avoiding Downtime desktop Information Scam Alert Firewall HIPAA Outlook Vendor Management VPN Spam Computing Monitors Mobile Security WiFi Data Security Wireless Server Management Business Technology LiFi Laptop Touchscreen Business Intelligence Virtual Private Network Hosted Solution The Internet of Things Automation Mobile Device Administration End of Support Leominster Statistics Tablet Dell Modem FinTech Analysis How To Lenovo Safety Staff Downloads Cryptocurrency Downtime Cabling Regulations Mail Merge Apps Blockchain Cybercrime WannaCry Remote Computing Language Value Marketing Google Docs Google Maps Mirgation Recycling Shortcut IT solutions Distributed Denial of Service Going Green Network Congestion IoT Employee-Employer Relationship VoIP Unified Threat Management Augmented Reality K-12 Schools Bluetooth Education Comparison Hacks Cookies MSP Managed Service Firefox Superfish Gadgets Bitcoin Wi-Fi Social Networking Address Permissions Google Wallet Writing Computing Infrastructure Professional Services User Error Business Growth Chatbots eWaste Patch Management Managed IT Service Printing Computers Star Wars PowerPoint Wearable Technology Network upgrade Specifications Password Dark Data Nanotechnology Development Customer Relationship Management Users Legal Halloween Digital Payment Heating/Cooling Multi-Factor Security Windows 8 Disaster Motherboard Cables Unified Communications Drones Digital Retail Alerts USB Time Management Printer Hacker Collaboration Politics Identity Continuity Break Fix Display Fraud Cost Management Onboarding Smart Office Search Black Friday Customer Service Screen Reader Charging Slack Networking Deep Learning Scary Stories Servers Google Calendar Uninterrupted Power Supply Wires Emergency Running Cable Document Management Spyware Office Samsung Licensing Dongle Network Management Access Control Alt Codes File Sharing Buisness Tech Support Solar Dark Web Computer Care IBM Assessment Digital Signage Work Cyber Monday Virtual Desktop Solid State Drive Chromebook Smart Tech Monitoring Bring Your Own Device Operating System Sports Legislation Social Router Voice over Internet Protocol Budget Identity Theft Social Engineering Cooperation Service Level Agreement Troubleshooting SharePoint Typing Humor Websites Compliance Microsoft Excel Information Technology Training Corporate Profile Hotspot Internet Exlporer IT Technicians Optimization Managed IT Smart Technology Current Events Hard Disk Drive Connectivity Spying Quick Tips Techology Best Practice Automobile Supercomputer CrashOverride Crowdsourcing Printers Motion Sickness Personal Information Botnet Staffing Administrator 3D Printing Taxes Cortana Web Server what was your? IT Budget Machine Learning GPS Processors Unsupported Software IT Consultant Virtualization Cameras Update Meetings Computer Repair Relocation Tracking Mobile Data Cleaning How To Work/Life Balance Mobile Device Management CCTV Recovery Webcam Health Private Cloud BDR Black Market Law Enforcement Mobile Computing Regulation Error Point of Sale Ben McDonald shares Electronic Medical Records Notifications Travel Physical Security Twitter Upgrades Gadget G Suite Emoji

What Our Clients Say

  • BNMC has provided us with nothing less than outstanding service and results for all of our IT needs for the past few years. Every member of their staff is professional, knowledgeable, friendly and eager to solve any problem...
  • 1
  • 2
  • 3