Tip of the Week: How to Protect Yourself from Invoice Impersonation

Tip of the Week: How to Protect Yourself from Invoice Impersonation

As cybercriminals become increasingly sophisticated in their methods of attack, it is important that your staff--the ones on the front lines--are educated to spot these attempts and know what to do if one is encountered. In order to spot these attacks, it is important to know what to look for.

Unfortunately, the increased sophistication of these attacks have made them harder to spot and resultantly, harder to avoid. This has led to a rise in the use of an attack vector known as an invoice impersonation attack. When utilizing these attacks, a cybercriminal will send a message under an assumed name (often one that belongs to a regular contact in actuality) that includes an invoice number and a link, presumably to download the invoice.

However, rather than downloading the invoice, as expected, the target of an attack will discover that they have actually downloaded some malware. This is often how ransomware is introduced into a system.

Warning Signs
To avoid falling victim to an invoice impersonation attack--or any form of email phishing or fraud--your users should know to keep their eyes out for any warning signs.

Messages containing a payment request and link
One of the bigger security issues with the concept of email is the fact that most users can only take it on good faith that the message comes from the person it appears to have. There is no voice to identify as someone else’s, and no handwriting to compare to the actual person’s.

Therefore, if an email comes from someone with a request for payments to be made, with a link to what is claimed to be a payment portal, don’t click. You might have just dodged a ransomware program delivered via a phishing attempt.

How to Protect Your Business (with the Help of Your Employees)
Phishing attacks, including invoice impersonation attacks, rely on their target to trust the content enough to not question if the sender is who they say they are. As such, they can be avoided with a little mindfulness on the part of your employees.

Make sure your employees know to keep an eye out for risk factors. Requiring regular training sessions as well as testing their cybersecurity mindfulness will help to keep awareness alive and well among your staff members.

Furthermore, you should have updated spam filters and malware blockers installed to help minimize the risk that these messages even make it to your staff in the first place. This is where BNMC can help.

If you’re interested in the solutions we have that can help make cyberthreats a non-issue, give us a call at 978-482-2020.



No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Monday, December 10 2018

Captcha Image

Subscribe to Our Blog!

Mobile? Grab this Article!

Qr Code

Tag Cloud

Security Tip of the Week Best Practices Technology Cloud Email Privacy Malware Business Computing Hackers Business Network Security Software User Tips Computer Internet Microsoft Google IT Services Tech Term Hosted Solutions Efficiency Ransomware Mobile Devices Communication Smartphone Small Business Android Productivity Data Backup Managed IT Services IT Support Data Management Internet of Things Cloud Computing Saving Money Data Recovery Browser Business Continuity Hardware Innovation Windows 10 Windows Data Backup Workplace Tips Cybersecurity App Microsoft Office Business Management Managed IT Services Productivity Word Upgrade Server Facebook Remote Monitoring Gmail Artificial Intelligence Office 365 Windows 10 Disaster Recovery Encryption Passwords Outsourced IT Chrome Managed Service Provider Phishing Analytics Vulnerability Employer-Employee Relationship communications Mobile Device Applications Network Website IT Support Money Infrastructure BYOD Tip of the week Smartphones Bandwidth Content Filtering Settings Miscellaneous Robot Antivirus Save Money Users YouTube IT Management Data storage Social Media Government Risk Management Office Tips Company Culture Managed Service Big Data Google Drive VoIP Maintenance Vendor Management Avoiding Downtime Monitors Mouse Development Information Scam Wireless Education Automation Apple Storage End of Support HIPAA Virtual Reality VPN Mobile Security Access Control Data Security Paperless Office Business Technology SaaS Server Management Virtual Private Network Touchscreen Business Intelligence Quick Tips Holiday Data loss Outlook Unified Threat Management Spam Computing Laptop Telephone Systems WiFi Alert Operating System The Internet of Things Employee-Employer Relationship Display desktop LiFi Hosted Solution Firewall Administration Two-factor Authentication Managing Stress Tech Support Star Wars Cybercrime PowerPoint User Error Chatbots eWaste Downtime Patch Management Managed IT Service Nanotechnology Document Management Spyware Cryptocurrency Customer Relationship Management Chromebook Wearable Technology Marketing Network upgrade Uninterrupted Power Supply Apps Mobility Specifications Google Docs Alerts Gadgets USB File Sharing IT solutions Going Green Co-Managed IT Heating/Cooling Multi-Factor Security Social Engineering Motherboard Cables Computer Care IBM Websites Fraud Cost Management Hacks Onboarding Time Management Printer Identity Continuity Solid State Drive Break Fix Screen Reader Charging Identity Theft Bitcoin Slack Networking Smart Office Google Wallet Search Black Friday Business Growth Emergency Licensing Dongle Halloween Printing Content Servers Google Calendar Safety Wires Training Corporate Profile Dark Web Assessment Automobile Password Digital Signage Network Management Remote Computing Solar Hard Disk Drive Legal Smart Tech Windows 8 Monitoring Network Congestion Work Dell Unified Communications Drones Cyber Monday Hacker Cooperation Service Level Agreement Scary Stories Cabling Streaming Legislation Router Voice over Internet Protocol WannaCry Microsoft Excel Wi-Fi Hotspot Internet Exlporer Running Cable Google Maps Mobile Device Management Troubleshooting SharePoint Writing Compliance Deep Learning Connectivity Spying Techology Computers IT Technicians Optimization Buisness Managed IT Smart Technology Alt Codes Analysis How To Lenovo Dark Data Update Staff Leominster Sports Human Error Statistics Tablet Modem FinTech Virtual Desktop Mail Merge Blockchain Language Value Downloads Retail Regulations Bring Your Own Device IoT Digital Payment Social VoIP Unified Threat Management Mirgation Recycling Budget Shortcut Distributed Denial of Service Politics Digital Typing Humor Firefox Superfish Customer Service Augmented Reality K-12 Schools Disaster Information Technology Device Bluetooth Comparison Cookies MSP Address Permissions Computing Infrastructure Professional Services Collaboration Current Events LED Office Samsung Social Networking Best Practice Black Market CCTV Webcam Law Enforcement Electronic Medical Records Notifications Physical Security Error Twitter Emoji Point of Sale Ben McDonald shares Print Toner Upgrades Gadget Travel Crowdsourcing BDR Personal Information Botnet G Suite Regulation Supercomputer CrashOverride Cortana 3D Printing Motion Sickness Staffing Machine Learning Administrator Processors Taxes IT Budget Virtualization Web Server what was your? Unsupported Software GPS Computer Repair Relocation Mobile Computing Printers IT Consultant Cameras Mobile Data Tracking Recovery Meetings How To Work/Life Balance Health Private Cloud Cleaning

What Our Clients Say

  • BNMC has provided us with nothing less than outstanding service and results for all of our IT needs for the past few years. Every member of their staff is professional, knowledgeable, friendly and eager to solve any problem...
  • 1
  • 2
  • 3