How to protect your business from scam emails

After working within the telecommunications and technology industry for more than 20 years now, I’ve seen my fair share of email scams.

They’ve arrived in various forms, including the ‘phishing’ ones that claim to have come from the bank or Inland Revenue; the emails that tell you that you’re due a refund; and the ones that ask you to update your information as their records appear ‘incorrect’.

Invariably they all have a zip file attached which contains an executable file or a link to an installable one. Obviously these should always be treated with caution because they more than likely contain a virus, which could be extremely harmful to your business. Although they may appear genuine and legitimate, they are actually designed to seek out and obtain some of your business’ most sensitive information.

As the famous saying goes: “If it seems too good to be true, then it probably is.”

March is a pivotal month in every business calendar. One month to close sales, resolve any issues and collect outstanding payments before the end of the financial year. As pressures increase and stress levels rise, taking care when browsing the internet often gets forgotten.

However, it’s important that businesses stay alert at all times because we’ve now entered a period in which criminals aim to take advantage of low vigilance.

Simple tips:

  • Do not open zip files that contain ‘exe files’ unless you can verify the source.
  • Use firewalls and up-to-date security software that scans emails.
  • Make sure all operating systems and application software are up to date.
  • Check the validity of the email by contacting the source (but not by the phone number provided) and inform them they are being impersonated.
  • Use endpoint verification software – provided by some banks for free.
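
The zip-with-an-executable pattern described above is something email-scanning software can check for automatically. The sketch below is an added example, not part of the original article: it parses a raw email, opens any zip attachment and reports executable members. The extension list, function names and the sample message are assumptions constructed for illustration.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Extensions treated as executable here; an assumed, non-exhaustive list.
RISKY_EXTENSIONS = (".exe", ".scr", ".com", ".bat", ".cmd", ".js", ".vbs", ".msi")


def risky_zip_members(raw_message: bytes) -> list[str]:
    """Return 'attachment/member' for each executable inside a zip attachment."""
    msg = message_from_bytes(raw_message, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        name = part.get_filename() or "(unnamed)"
        payload = part.get_payload(decode=True) or b""
        # Trust the content, not the file name: a zip is recognised by its structure.
        if not zipfile.is_zipfile(io.BytesIO(payload)):
            continue
        try:
            with zipfile.ZipFile(io.BytesIO(payload)) as archive:
                for info in archive.infolist():
                    if info.filename.lower().endswith(RISKY_EXTENSIONS):
                        findings.append(f"{name}/{info.filename}")
        except zipfile.BadZipFile:
            # An archive that cannot be read cannot be cleared; report it.
            findings.append(f"{name}/(unreadable archive)")
    return findings


def build_sample(member_name: str) -> bytes:
    """Constructed sample: an email with one zip holding a single harmless file."""
    buffer = io.BytesIO()
    with zipfile.ZipFile(buffer, "w") as archive:
        archive.writestr(member_name, b"placeholder bytes, not a real program")
    msg = EmailMessage()
    msg["From"] = "refunds@bank.example"
    msg["To"] = "accounts@business.example"
    msg["Subject"] = "You are due a refund"
    msg.set_content("Please see the attached form.")
    msg.add_attachment(buffer.getvalue(), maintype="application",
                       subtype="zip", filename="refund_form.zip")
    return msg.as_bytes()


if __name__ == "__main__":
    for member in ("refund_form.pdf.exe", "refund_form.pdf"):
        print(member, "->", risky_zip_members(build_sample(member)) or "nothing flagged")
```

A flagged message should be quarantined for the sender check described in the tips above rather than delivered.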

And to be extra careful…

  • Utilise cloud-based security solutions where you can.
  • Assign public IP addresses sparingly, and only to servers that have sufficient defence software.
  • Assign public IP addresses only to devices that may benefit from them (such as IP phones) and that do not pose a risk to the rest of your network.
  • Ensure that you close down ports that are no longer needed (FTP, HTTP etc.).
  • Allow the use of UPnP sparingly and make sure that applications close down the ports after a session.
  • Only allow the use of public hotspots when SSH or IPsec tunnelling software is used.
  • Mobile data solutions are safer than Wi-Fi.

Scam emails are one of the most common techniques hackers use to obtain valuable information. Although relatively simple, they can be highly dangerous and damaging for your business. Make sure you are always on guard; don’t let all your hard work throughout the year be ruined through just one click.