Proudly serving Virginia, Maryland and DC // Call us today! 703.396.6120
V2 SystemsV2 Systems

by Erik Briceno

Email phishing continues to be a major problem for businesses, with both the number of attacks and their level of sophistication increasing.

These statistics tell the story:

  • According to the FBI, Business Email Compromise makes up almost 50 percent of the $1.4 billion in total losses from internet crime.
  • In one industry survey, 76 percent of organizations said they experienced phishing attacks in 2017.
  • Another survey found that the average user receives 16 malicious spam emails per month. Multiply that by the number of employees in your company — that’s a lot of potential damage for every business to avoid every day.

Business Email Scams Increasing

The FBI tracks two types of scams via emails, and companies should be aware of both:

  • Business Email Compromise: BEC is a scam that specifically targets businesses, particularly those working with foreign suppliers or those who regularly perform wire-transfer payments. These sophisticated attacks target employees with access to company finances and trick them into making wire transfers to bank accounts thought to belong to trusted partners. These attacks are on the rise. In 2017, these scams cost victims more than $676 million, according to the FBI.

Since the FBI began tracking these scams in 2013, BEC attacks (and the consumer version, known as Email Account Compromise or EAC) have continued to grow, evolve and target businesses of all sizes. They’ve hit large and small companies and organizations in every U.S. state, as well as more than 100 countries around the world — from non-profits and well-known corporations to churches and school systems.

“BEC is a serious threat on a global scale,” said Special Agent Martin Licciardo, a veteran organized crime investigator at the FBI’s Washington Field Office. “And the criminal organizations that perpetrate these frauds are continually honing their techniques to exploit unsuspecting victims.”

  • Phishing/Vishing/Smishing/Pharming: These are unsolicited emails, text messages or telephone calls, purportedly coming from a legitimate company, but requesting personal or financial data, or even login credentials. In 2017, these attacks cost victims nearly $30 million, according to the FBI.

Luring the Prey

The scammers behind these email attacks use a variety of tactics, including:

  • Spoofing, in which slight variations on legitimate email or website addresses misdirect the user.
  • Spear phishing, in which targeted phishing attacks appear to be individual, personal emails, therefore increasing their chances of success.
  • Malware, in which destructive attacks infiltrate company networks to gain access to email.

3 Steps to Avoid Becoming a Victim

Time to Cut Bait: Don’t Fall Prey to Email Phishing ScamsThe best protection against these growing threats to your IT environment and sensitive information comes from implementing safeguards that are an integral part of your network infrastructure, software and management right from the start.

  1. Employ an email security solution that automatically detects and blocks advanced security threats.
  2. Conduct regular IT security audits, making upgrades as necessary.
  3. Implement ongoing employee security training to ensure everyone is following the most current best practices, including:
  • Using strong passwords and multi-layer authentication
  • Verifying the sender’s address
  • Only clicking on trusted links or attachments

“The ability of these criminal groups to compromise legitimate business email accounts is staggering,” said the FBI’s Licciardo. “They are experts at deception.”

That underscores why every business should cultivate a culture of security, which is where an IT managed services provider comes in. When you’re ready to talk about protecting your business from phishing scams — or any other outside threats — our expert engineers can structure the right kind of plan, so your team can do its job with a secure information system.

 

Since 1995, Manassas Park, VA-based V2 Systems has employed local systems administrators, network engineers, security consultants, help desk technicians and partnering companies to meet a wide range of clients’ IT needs, from research, to implementation, to maintenance. Concentrate on your VISION…We’ll handle the TECHNOLOGY! 

 

ebriceno
About ebriceno
Erik Briceño is the owner of V2 Systems, Inc., one of Northern Virginia’s leading Information Technology Managed Service Providers. He is an inspiring leader for its employees and instrumental business partner for its customers. He is passionate about V2’s purpose, dedicated to exceeding expectations and a consummate professional not afraid of jumping in and getting his hands dirty. Prior to joining V2 Systems in 2002, Erik was a co-founder and COO of Ampcast.com, a leading provider of online resources servicing over 5,000 independent musical artists. At Ampcast.com, Erik spearheaded all aspects of corporate development, funding, strategic vision, and business development for the firm. From 1997 to 1999 Erik held the position of Acoustic Systems Engineer for Electric Boat Corporation, a leading defense contractor. In this role, Erik was responsible for the acoustic fidelity of two noise critical systems and components in the US Navy’s nuclear submarine systems. Erik holds a B.S. in Mechanical Engineering from Vanderbilt University and a Masters of Business Administration from George Mason University. When not working, you will find Erik a dedicated family man, raising two young children with his lovely wife Karen. Together, they enjoy building legos, playing baseball, skiing, riding horses, swimming, traveling, and fixing up old Mopars.
Time to Cut Bait: Don’t Fall Prey to Email Phishing Scams