It’s a typical morning as you sit down at your desk to have your first sip of coffee. After logging in to your email, you see a request from your manager to make a small money transfer to a bank on their behalf. Your business uses several vendors so requests of this nature are fairly routine and after seeing that accounting had been CC’d, you don’t think twice about following instructions. Over the next few days, additional requests come and more money is wired to several accounts, some of them foreign. You even speak to a representative of the firm over the phone to work out the details of the transfer. In less than a week your company has transferred a considerable amount of money from your main account.
Except the vendors won’t get paid because they never contacted you in the first place. You’ve fallen victim to a simple yet ruthlessly effective campaign of deceit and manipulation called phishing.
Phishing in a Nutshell…
Phishing emails go to a wide group of people without targeting anyone. It’s like a fisherman casting a wide net trying to see what he can catch. Phishing scams are fraudulent email messages appearing to come from colleagues, vendors or other legitimate enterprises (e.g. your bank or Internet service provider) asking you to divulge private information (e.g. account numbers, payroll details, account updates). The perpetrators then use this private information to commit identity theft.
A common type of scheme targeting small and medium-sized businesses is called Spear Phishing, Instead of casting out thousands of e-mails randomly hoping a few victims will bite, spear phishers target select groups of people with something in common—they work at the same company, bank at the same financial institution, etc. The e-mails are ostensibly sent from organizations or individuals the potential victims would normally get e-mails from, making them even more deceptive.
To fight spear phishing scams, employees need to be aware of the threats, such as the possibility of bogus emails landing in their inbox. Besides education, technology that focuses on email security is necessary.
Clearview Global’s mission is to become your defense against the exponential rise in global security risks. Our team of threat-prevention specialists would be happy to conduct a risk assessment and create a security package tailored to the specific needs of your business. We offer network security solutions and a consultation session to ensure your business can thrive in a safe and secure environment.
Interested in learning more? Contact us at firstname.lastname@example.org to speak to a representative.