Gone Phishing?
Do you use e-mail for your business?
We have all become so complacent in using e-mail to share information quickly that we likely send documents and information that we would never send via a post card. Sending an e-mail is equivalent to mailing a post card!
What you can control
The world we live in requires all of us to be aware of the risks that are associated with technology and it is so important to implement tools and procedures to protect your business or organization.
Breakwater accounting + advisory corp. recommends working with your Information Technology personnel or a consultant to define restricted (super sensitive) and confidential (somewhat sensitive) information, based on your specific business or non-profit activities.
Restricted data requires the highest level of security, often driven by legal and regulatory requirements and penalties. An example would be social security numbers or credit card numbers. Confidential data should be protected from unauthorized access. A bank or credit card statement and financial reporting are good examples of confidential information .
How does your organization share or work with restricted and confidential data? There are many options and software applications to assist; you need to ensure the data is encrypted at rest (stored) and in flight (the sharing or sending of).
If you are still working toward a solution, there are several things you can do to strengthen your email security. Update your password regularly by using lower and upper case letters, numbers, and symbols and enable two-step authentication. If you use Google Mail, this is a helpful article on the ways Google can help you make your email more secure. https://www.toptenreviews.com/software/articles/how-secure-is-gmail/
What you can’t control
One of the most common cybersecurity cons is Email spoofing and phishing. Spoofing is someone impersonating a known person. Phishing is trying to get information or money.
This fraudulent scheme is so prevalent that each of you has likely been a recipient of spear phishing (targeted) or general phishing, or you have a friend who has. You will receive an email that looks like it is from someone you know, and perhaps work for. The wording will likely be an urgent need or request, in the hope that you will react before thinking and looking more into the details. Many companies have lost money to these phishing schemes.
Educate yourself and your employees so no one falls for these attempts. If an email seems off or is requesting a financial transaction, pay closer attention. Look at the email address. The name may be someone you know, but is the email address different from your contact email address? If the email address looks correct but the request relates to moving money or sharing or changing information related to the movement of money, pick up the phone and call the sender directly to confirm the request.
We highly recommend that you dedicate the time and attention to protect your business and personal information.
Breakwater accounting + advisory corp. is not an Information Technology firm, but we research, get certified in, and actively use technology and work with our clients to ensure their bookkeeping and accounting needs are being met. Breakwater has spent a lot of time putting security measures in place to help protect us, our clients and their businesses and organizations.
We hope you will too!