Companies rely on email for most communications — e.g., interacting with customers, running marketing campaigns, negotiating contracts with suppliers and managing a distributed workforce. While email offers various benefits, including speed and efficiency, its users can often fall victim to fraud due to the platform’s prevalence and success.

In fact, email is widely exploited by hackers for the execution of sophisticated phishing attacks, targeting commercially sensitive and personally identifiable information and costing hundreds of millions of dollars to businesses every year.

Fortunately, detecting and preventing email scams is possible even if you are not a cybersecurity expert. As a founder, manager or employee, you can significantly reduce the risk of data loss in your organization by being aware of the typical signs of business email fraud.

1. Web-Based Free Email Accounts

Anyone with an internet connection can create a free email account and use a generic address like companyabc@mail.com to send fraudulent messages. In contrast, only verified domain owners have the ability to set up and allocate custom email addresses, such as employee@companyabc.com or ceo@businessdec.com.

This being said, there is no reason for a sound organization to allow employees to make contact with customers, suppliers or any stakeholder using free or personal email accounts, especially not if confidential data is involved.

2. Urgency

It is in scammers’ best interest to carry out phishing attacks quickly. As time goes by, targets are more likely to notice that something is off and take measures to warn their colleagues, organization and third parties against suspicious emails. That is why cybercriminals come up with all sorts of pressing reasons (see examples below) to justify speedy money transfers or the disclosure of private and financial details:

• Time-sensitive deal with a new customer
• Breach of contract and lawsuit
• Overdue invoice and penalty for late payments
• Account suspension and service disruption

3. Unpolished Communications

Brands know that their reputations are on the line in every communication sent externally and spend a lot of effort perfecting messages, personalizing campaigns and checking drafts for errors. Generic greetings, grammar mistakes and bad formatting are all signals of “phishy” email messages.

4. Follow-Ups via Email Only

Fraudsters are wary of revealing too much about themselves to avoid compromising their fake identities. You can leverage that fact to spot email scams. For instance, when someone makes an unusual or urgent request, ask to follow up on the phone or face to face. Any legitimate sender will see no objection, whereas an impersonator is probably going to give excuses not to talk or meet and insist on communicating exclusively via email.

5. Odd URLs and Domains

Many email scams use external links to redirect potential victims to a fake homepage or formwhere personal and financial data is then collected. These phishing messages can look very convincing at first glance but usually exhibit one or more red flags. For example:

• Inconsistent embedded links, where the display and destination URLs do not match
• A domain and email address different than the one used in past brand communications
• Shortened URLs, masking the actual destination
• A URL name that is missing a character, e.g., http:// instead of https:// or website.com rather than website.com/

6. No Multichannel Support

Scammers find it advantageous to impersonate known entities that inspire trust and credibility in order to boost the success rates of their attacks. However, while it’s one thing to forge an email address, it’s another to mimic an entire customer support department and social media accounts.

Large organizations – and, increasingly, small and medium-sized businesses – invest heavily in customer experience and offer various options for recipients to talk to a representative to resolve doubts and answer questions. Cybercriminals, on the contrary, do not want their targets to reach out for support. If you are unsure about the source of a message, try contacting the company using official customer support channels to clarify what is happening and check whether a request for information is legitimate.

7. Doubtful Attachments

Another common phishing technique consists of including one or more malicious attachments to deceitful emails and prompting recipients to download and open them to complete a task. These files may contain viruses or other forms of malware designed to damage, alter or retrieve data, infect servers and networks or lock systems until a ransom is paid in exchange for a decryption key.

To avoid the above, beware of attachments in general, particularly from unknown senders or the following types of attachments:

• .7z, .rar, .zip and other compressed files
• .bat, .cmd, .exe, .hta, .jar, .js, .msi and extensions used to run code
• .docm, .pptm and .xlsm macro-enabled documents

In 2017, ransomware became so powerful that it managed to finally make a name for itself as a business model. Ransomware as a service (RaaS) allows hackers to simply buy or sell their own ransomware for the purpose of damaging individuals or businesses.

Considering that, and the fact that all the other businesses affected by hackers, cybersecurity has become extremely important for every business today. It doesn’t matter what industry you pertain to – the reality is that hackers can access your data and sell it for a profit or perform other maleficent actions.

This is why investing in business IT solutions can help protect your company from this type of attack. Creating the right protection plan is essential to your business. Even if you believe that your business is not important enough to attack, the reality is that every organization could become a victim. Our dedicated team created a quick list of three things you need to do to keep your files safe.

Data Backup and Protection

One of the main benefits of business IT support and data protection solution is that they can keep your data safe from prying eyes. Hackers won’t have easy access to your sensitive data. Also, having a professional data backup and protection plan will make you less prone to malware and viruses. You get to save money this way, and in the end, hackers will find it more difficult to take advantage of any human errors. Plus, protecting your data will help you stay in compliance with the current laws. Use this type of service, and there will be less need to worry about the safety of your data.

Cloud Solutions

Most companies that use cloud services may be targeted by hackers. With help from a great IT support team and other dedicated services, you can help negate that issue. A dependable business technology solutions team password protects all your content, filters it and heavily monitors company information to ensure that only the authorized parties will be able to access designated files. This way everyone will get to see only what they need to.

24/7 Business IT Support

A dependable IT support team knows that cybersecurity issues can appear at any time, regardless of the hour. Services like these can bring you the best business computer services and reliable solutions in no time.

If you opt for round–the-clock IT support, you won’t have to worry about any data security issue, and the team can also help you deal with any other type of IT issues, not only security related stuff. This also ensures you that the company files are safe. A well managed IT services firm would also have heavily monitored data centers. Only authorized personnel goes into this building, which means that all your sensitive data will be stored by a professional and reliable business.

As long as there’s data online, there will always be hackers that try to steal it. Don’t let hackers take advantage of your company’s information. Invest in the best business IT solutions right now.

The concept of smart homes has become quite popular among consumers, especially due to their convenience. A smart home is equipped with several devices that are connected to the internet or intranet (internal network), to allow users remote management of different household appliances or systems.

The rapid growth of smart homes can also open up new opportunities for perpetrators to practice acts of cybercrime. Appliances in a smart home are all connected in a network. Any breach in that network can allow cybercriminals access to your home appliances, which can jeopardize your privacy or even potentially threaten your life.

Make sure you are following these steps to prevent hackers from gaining access to the network that connects to your smart home.

1) Use protected devices and appliances only

Different appliances or devices like thermostats, lighting systems and CCTV systems present in your smart home are part of a network. As a consumer, you need to make sure that each of these devices has been designed to meet certain security and safety standards. While purchasing smart devices you can ensure that they meet standards like ZigBee, Z-Wave or S2 (Security 2). Most well established brands follow these secured transmission protocols. Buying cheaper devices may save you money, but it can also expose you to cyber threats, as these devices lack the proper security protocols.

2) Never access your smart home network from a public or open Wi-Fi

One of the key features of smart home systems is that they allow you to remotely control or manage your home appliances. Since you are connecting to your home automation network over the internet, you need to avoid using any open or public Wi-Fi. These networks can have very poor security protocols and give hackers the opportunity to sneak into your home network. Methods like man in the middle (MITM) (man in the middle) enable hackers to set up fake public Wi-Fi that allows them to intercept any transmission that takes place. They may be able to see the type of data that you are sending to or receiving from your smart home.

3) Keep your smartphone secured

In a home automation system, your smartphone acts as a universal remote control; ensure that it is always locked by a passcode, touchID or facial recognition. In case your smartphone is stolen, immediately try to lock it by remote access – the “Find my iPhone” feature of iOS can be really handy in situations like this. Moreover, if you have reason to believe the security of your smartphone has been compromised, or even if you have recovered your phone after it had gone missing, reset the password of your smart home network. It is also advisable that, in such situations, after retrieving your phone you restore to factory settings.

4) Smart homes need smart password management

In a typical smart home, the appliances or devices are connected to the network via a Wi-Fi router or hub; therefore, protecting Wi-Fi is crucial. Set a strong password for your Wi-Fi network that is at least 12 characters long – and make it unique from any of your other passwords. Name your Wi-Fi network in a way that doesn’t let people know it’s your house; naming it “John’s Home,” for example, makes you an open target.

Before committing to the luxury and convenience of your smart home, you need to understand how the whole system works and how you can protect yourself from data theft and security breach. These four steps, if implemented correctly, should help you to stay safer and more secure.

Facebook has been collecting call records and SMS data from Android devices for years. Several Twitter users have reported finding months or years of call history data in their downloadable Facebook data file. A number of Facebook users have been spooked by the recent Cambridge Analytica privacy scandal, prompting them to download all the data that Facebook stores on their account. The results have been alarming for some.

“Oh wow my deleted Facebook Zip file contains info on every single phone cellphone call and text I made for about a year,” says ‏Twitter user Mat Johnson. Another, Dylan McKay, says “somehow it has my entire call history with my partner’s mum.” Others have found a similar pattern where it appears close contacts, like family members, are the only ones tracked in Facebook’s call records.

Facebook has been requesting access to contacts, SMS data, and call history on Android devices to improve its friend recommendation algorithm and distinguish between business contacts and your true personal friendships. Facebook appears to be gathering this data through its Messenger application, which often prompts Android users to take over as the default SMS client. Facebook has, at least recently, been offering an opt-in prompt that prods users with a big blue button to “continuously upload” contact data, including call and text history. It’s not clear when this prompt started appearing in relation to the historical data gathering, and whether it has simply been opt-in the whole time. Either way, it’s clearly alarmed some who have found call history data stored on Facebook’s servers.

The same call record and SMS data collection has not yet been discovered on iOS devices. While Apple does allow some specialist apps to access this data in limited ways like blocking spam calls or texts, these apps have to be specifically enabled through a process that’s similar to enabling third-party keyboards. The majority of iOS apps cannot access call history or SMS messages, and Facebook’s iOS app is not able to capture this data on an iPhone.

Computer systems for the City of Atlanta were hit by an apparent ransomware attack that has caused outages and is now under investigation by the FBI. The cyber criminals are demanding $51,000 to unlock the system, and one security expert believes the public deserves more answers.

City employees in Atlanta coming to work Friday morning were told not to turn on their computers and WiFi at the Atlanta airport was turned off due to a ransomware attack that hit municipal systems on Thursday.

As employees walked into city hall for work, they were handed a printed notice telling them to not use their computers until they were cleared by the municipal IT group, the Atlanta Journal Constitution reported.

The city is still working on mitigating the ransomware and Mayor Keisha Lance Bottoms did not answer questions from reporters as to whether the attack had ended. "What we want to make sure of is that we aren’t putting a Band-Aid on a gaping wound. We want to make sure that we take the appropriate steps," she said. 

The attack hit early Thursday morning. Bottoms has repeatedly told employees they should monitor their bank accounts because city officials don’t yet know what information was compromised in the attack.