301-571-5040    Get SUPPORT

Washington Works Blog

Washington Works has been serving the Bethesda area since 2005, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Tip of the Week: How to Protect Yourself from Invoice Impersonation

Tip of the Week: How to Protect Yourself from Invoice Impersonation

As cybercriminals become increasingly sophisticated in their methods of attack, it is important that your staff--the ones on the front lines--are educated to spot these attempts and know what to do if one is encountered. In order to spot these attacks, it is important to know what to look for.

Unfortunately, the increased sophistication of these attacks have made them harder to spot and resultantly, harder to avoid. This has led to a rise in the use of an attack vector known as an invoice impersonation attack. When utilizing these attacks, a cybercriminal will send a message under an assumed name (often one that belongs to a regular contact in actuality) that includes an invoice number and a link, presumably to download the invoice.

However, rather than downloading the invoice, as expected, the target of an attack will discover that they have actually downloaded some malware. This is often how ransomware is introduced into a system.

Warning Signs
To avoid falling victim to an invoice impersonation attack--or any form of email phishing or fraud--your users should know to keep their eyes out for any warning signs.

Messages containing a payment request and link
One of the bigger security issues with the concept of email is the fact that most users can only take it on good faith that the message comes from the person it appears to have. There is no voice to identify as someone else’s, and no handwriting to compare to the actual person’s.

Therefore, if an email comes from someone with a request for payments to be made, with a link to what is claimed to be a payment portal, don’t click. You might have just dodged a ransomware program delivered via a phishing attempt.

How to Protect Your Business (with the Help of Your Employees)
Phishing attacks, including invoice impersonation attacks, rely on their target to trust the content enough to not question if the sender is who they say they are. As such, they can be avoided with a little mindfulness on the part of your employees.

Make sure your employees know to keep an eye out for risk factors. Requiring regular training sessions as well as testing their cybersecurity mindfulness will help to keep awareness alive and well among your staff members.

Furthermore, you should have updated spam filters and malware blockers installed to help minimize the risk that these messages even make it to your staff in the first place. This is where Washington Works can help.

If you’re interested in the solutions we have that can help make cyberthreats a non-issue, give us a call at 301-571-5040.

HIPAA and Wearables May Clash in the Near Future
Will 2018 See Any Changes to Your Infrastructure?


No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Saturday, July 21 2018
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Tip of the Week Security Technology Best Practices Cloud Business Computing Malware Privacy Hackers Software Network Security Email Business Managed IT Services Internet Tech Term Backup Mobile Devices Ransomware Microsoft Computer Productivity User Tips Google Hosted Solutions Smartphone Data Recovery Android Data Backup Managed Service Provider Productivity Small Business Social Media Encryption Business Continuity Windows 10 Cloud Computing IT Support Data Management Paperless Office IT Services Office 365 Efficiency Browser Communication Business Management Remote Monitoring Hardware Outsourced IT Data App Innovation Facebook Server Disaster Recovery Cybersecurity Government BYOD Work/Life Balance Smartphones Infrastructure Tip of the week Workplace Tips Bandwidth Save Money IT Management Apps Holiday Word Hosted Solution Big Data Artificial Intelligence Employer-Employee Relationship Unified Threat Management Money Phishing Virtual Reality Document Management Risk Management Antivirus Internet of Things How To Compliance Windows Managed IT Services SaaS Password Chrome Saving Money File Sharing Windows 10 Applications Chromebook BDR Two-factor Authentication Vulnerability Tech Support Mobile Device Samsung VPN G Suite Data Security Storage Computing Telephone Systems Server Management Taxes Virtual Private Network Politics Firewall Websites Botnet Automation Wi-Fi Passwords Blockchain Gmail Identity Theft Hacker Regulations Collaboration Twitter Physical Security Maintenance IoT Computer Care Business Technology Customer Relationship Management Robot Office Training HIPAA Recovery Remote Computing Mobile Security Smart Technology Patch Management Scam Automobile Vendor Management Alert Data loss Health Company Culture Networking Mirgation Multi-Factor Security Emoji Uninterrupted Power Supply Modem Travel Servers Managed IT Service Computing Infrastructure YouTube Electronic Medical Records WiFi The Internet of Things Value Budget Managing Stress Gadgets Quick Tips Google Calendar Cookies Motion Sickness Break Fix Alerts Settings Legal GPS Professional Services Enterprise Content Management Chatbots Office Tips Google Drive Legislation Notifications Solid State Drive Social Nanotechnology Statistics Dark Web IT Consultant Mail Merge Licensing Digital Sports Tracking Upgrade USB Unified Communications Techology Identity VoIP Mouse Virtualization Hard Disk Drive Wireless Screen Reader Meetings Bluetooth Microsoft Excel Address Cooperation Spyware Search Dongle VoIP Bring Your Own Device Unified Threat Management Administrator Avoiding Downtime Tablet Smart Tech Webcam Education Staff Machine Learning Service Level Agreement Vulnerabilities User Error Time Management Comparison Black Market Cortana Crowdsourcing Connectivity Point of Sale Utility Computing Cleaning Relocation How To IBM Geography Network Management Specifications Permissions Personal Information Microsoft Office Managed IT Healthcare Wearable Technology Private Cloud Analytics Printer Update Supercomputer High-Speed Internet Social Networking Downtime Touchscreen Black Friday IT Support Outlook Fraud Corporate Profile Website Star Wars Web Server Management Lenovo Error Access Control IT Budget IT Solutions Cabling Development Motherboard Cyber Monday Shortcut WannaCry Computer Repair Cost Management Cameras Spam Enterprise Resource Planning Superfish Communications Firefox SharePoint Digital Payment Upgrades Mobile Device Management Cables Cybercrime Processors Hotspot Law Enforcement Monitors Staffing Assessment CCTV Mobile IT Technicians Downloads Disaster Wires Router Heating/Cooling Distributed Denial of Service Language Gadget Augmented Reality Network Internet Exlporer Safety Managed Service Hiring/Firing Competition Fun Users Miscellaneous Presentation CrashOverride 5G Wireless Technology Emergency Marketing IP Address Customer Service Mobile Office Domains Hard Drives Public Speaking Lithium-ion battery