It seems during and after any notable event the Cybercriminals are there to exploit the situation in any way they can. The internet and phone lines are rife with scams, from trying to steal your personal information in exchange for ‘expediting’ your stimulus money to trolling Facebook collecting data from people sheltered at home during the pandemic. Everyone can be at risk and businesses are certainly on their radar as well.
Most of us utilize personal online banking, especially now that many of us are at home. The bills still have to be paid and we need to watch our money carefully. It’s extremely important to follow the activities on your bank accounts and online purchases with credit cards. With so many items in short supply it’s easy to be in a hurry to click ‘buy’ on the last item in stock. This can come with greater peril if you’re buying from an online vendor you’ve never used in the past. Be careful, if something seems off or irregular – don’t provide any personal information.
If you’re a business owner – watch all of your bank accounts. Daily. Not just transactions and balances but check and see who the authorized users are on those accounts. There are reports that cybercriminals have been able to gain access to online business accounts, add their own users, and log off. Later they will attempt to authenticate as that newly created user and attack your account.
What can you do in advance?
- Verify with all of your financial institutions that they are using multifactor authentication.
- Determine if there is a notification process for the addition of new account users to your online banking portal.
- If they answer yes, test it! Add a user and see if, and how quickly, you get notified.
- If they answer no, make a formal request that they provide this notification. If they decline, consider a new institution.
- Make sure you do an account reconciliation monthly. Include as part of that reconciliation a verification of the authorized users on the account.
Sometimes these criminals establish a foothold and do nothing for a long period of time. Complacency is their friend so make sure you take as many precautions you can.
A word of caution – if your office begins to be flooded with phone calls – I mean absolutely every line is lighting up – get online and check your accounts. There’s a chance that the criminals are getting ready to act and they want your phone lines tied up so you can’t call your bank. If you don’t know the phone number to your bank – add it as a contact in your phone as well as who to get in contact with.
If you have any questions about your email security, best practices on anti-phishing techniques, or user training – please give us a call. There’s no time like the present to focus on security.