Reality Alert: A small business had automatic payments set up to go to a vendor who provided their office supplies every month. One day an employee in accounting got an email that appeared to come from the vendor asking that payments to be sent to a different account. Not thinking twice, the employee changed where the payments were sent. Unfortunately, after a few months, the vendor contacted the business wondering why they weren’t getting paid. That’s when the business realized the payments had actually been going to a cyber criminal and not the vendor.
Unfortunately, with rapidly developing technology, these types of scams are becoming more common. Many times, if an email appears legitimate, employees don’t take precautions because they don’t assume someone would be trying to steal money from their company. With today’s technology, however, it’s important to be suspicious of anything and anyone requesting account numbers or other sensitive information.
According to the Department of Homeland Security, “Phishing attacks use email or malicious websites to infect your machine with malware and viruses in order to collect personal and financial information.” Many times businesses will get emails that look exactly like a real email from their bank or a vendor. They often ask for sensitive information to “verify your account” or claim they need to update the company’s information. Once users reply with the information or open a corrupt link in the email, the criminals use the information to access their accounts.